6.8

CVE-2011-0200

Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow.

Data is provided by the National Vulnerability Database (NVD)
ApplemacOS X Version10.6.0
ApplemacOS X Version10.6.1
ApplemacOS X Version10.6.2
ApplemacOS X Version10.6.3
ApplemacOS X Version10.6.4
ApplemacOS X Version10.6.5
ApplemacOS X Version10.6.6
ApplemacOS X Version10.6.7
ApplemacOS X Server Version10.6.0
ApplemacOS X Server Version10.6.1
ApplemacOS X Server Version10.6.2
ApplemacOS X Server Version10.6.3
ApplemacOS X Server Version10.6.4
ApplemacOS X Server Version10.6.5
ApplemacOS X Server Version10.6.6
ApplemacOS X Server Version10.6.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.87% 0.85
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
http://support.apple.com/kb/HT4723
Patch
Vendor Advisory