6.8
CVE-2011-3221
- EPSS 1.77%
- Veröffentlicht 14.10.2011 10:55:08
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle product-security@apple.com
- Teams Watchlist Login
- Unerledigt Login
QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ macOS X Server Version <= 10.7.1
Apple ≫ macOS X Server Version10.0
Apple ≫ macOS X Server Version10.0.0
Apple ≫ macOS X Server Version10.0.1
Apple ≫ macOS X Server Version10.0.2
Apple ≫ macOS X Server Version10.0.3
Apple ≫ macOS X Server Version10.0.4
Apple ≫ macOS X Server Version10.1
Apple ≫ macOS X Server Version10.1.0
Apple ≫ macOS X Server Version10.1.1
Apple ≫ macOS X Server Version10.1.2
Apple ≫ macOS X Server Version10.1.3
Apple ≫ macOS X Server Version10.1.4
Apple ≫ macOS X Server Version10.1.5
Apple ≫ macOS X Server Version10.2
Apple ≫ macOS X Server Version10.2.0
Apple ≫ macOS X Server Version10.2.1
Apple ≫ macOS X Server Version10.2.2
Apple ≫ macOS X Server Version10.2.3
Apple ≫ macOS X Server Version10.2.4
Apple ≫ macOS X Server Version10.2.5
Apple ≫ macOS X Server Version10.2.6
Apple ≫ macOS X Server Version10.2.7
Apple ≫ macOS X Server Version10.2.8
Apple ≫ macOS X Server Version10.3
Apple ≫ macOS X Server Version10.3.0
Apple ≫ macOS X Server Version10.3.1
Apple ≫ macOS X Server Version10.3.2
Apple ≫ macOS X Server Version10.3.3
Apple ≫ macOS X Server Version10.3.4
Apple ≫ macOS X Server Version10.3.5
Apple ≫ macOS X Server Version10.3.6
Apple ≫ macOS X Server Version10.3.7
Apple ≫ macOS X Server Version10.3.8
Apple ≫ macOS X Server Version10.3.9
Apple ≫ macOS X Server Version10.4
Apple ≫ macOS X Server Version10.4.0
Apple ≫ macOS X Server Version10.4.1
Apple ≫ macOS X Server Version10.4.2
Apple ≫ macOS X Server Version10.4.3
Apple ≫ macOS X Server Version10.4.4
Apple ≫ macOS X Server Version10.4.5
Apple ≫ macOS X Server Version10.4.6
Apple ≫ macOS X Server Version10.4.7
Apple ≫ macOS X Server Version10.4.8
Apple ≫ macOS X Server Version10.4.9
Apple ≫ macOS X Server Version10.4.10
Apple ≫ macOS X Server Version10.4.11
Apple ≫ macOS X Server Version10.5
Apple ≫ macOS X Server Version10.5.0
Apple ≫ macOS X Server Version10.5.1
Apple ≫ macOS X Server Version10.5.2
Apple ≫ macOS X Server Version10.5.3
Apple ≫ macOS X Server Version10.5.4
Apple ≫ macOS X Server Version10.5.5
Apple ≫ macOS X Server Version10.5.6
Apple ≫ macOS X Server Version10.5.7
Apple ≫ macOS X Server Version10.5.8
Apple ≫ macOS X Server Version10.6.0
Apple ≫ macOS X Server Version10.6.1
Apple ≫ macOS X Server Version10.6.2
Apple ≫ macOS X Server Version10.6.3
Apple ≫ macOS X Server Version10.6.4
Apple ≫ macOS X Server Version10.6.5
Apple ≫ macOS X Server Version10.6.6
Apple ≫ macOS X Server Version10.6.7
Apple ≫ macOS X Server Version10.6.8
Apple ≫ macOS X Server Version10.7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.77% | 0.81 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.