6.4
CVE-2011-0212
- EPSS 2.35%
- Veröffentlicht 24.06.2011 20:55:02
- Zuletzt bearbeitet 16.06.2026 23:27:01
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ macOS X Server Version10.6.0
Apple ≫ macOS X Server Version10.6.1
Apple ≫ macOS X Server Version10.6.2
Apple ≫ macOS X Server Version10.6.3
Apple ≫ macOS X Server Version10.6.4
Apple ≫ macOS X Server Version10.6.5
Apple ≫ macOS X Server Version10.6.6
Apple ≫ macOS X Server Version10.6.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.35% | 0.815 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:P
|
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
http://support.apple.com/kb/HT4723
http://www.securityfocus.com/bid/48445