Vulnerability-Lookup

CVE-2011-0192 (GCVE-0-2011-0192)

Vulnerability from cvelistv5 – Published: 2011-03-03 19:00 – Updated: 2024-08-06 21:43

Summary

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0845	vdb-entryx_refsource_VUPEN
	http://support.apple.com/kb/HT4564	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://support.apple.com/kb/HT4565	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0599	vdb-entryx_refsource_VUPEN
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://www.securityfocus.com/bid/46658	vdb-entryx_refsource_BID
	http://lists.apple.com/archives/Security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/43934	third-party-advisoryx_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://support.apple.com/kb/HT4566	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.vupen.com/english/advisories/2011/0621	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0905	vdb-entryx_refsource_VUPEN
	http://www.debian.org/security/2011/dsa-2210	vendor-advisoryx_refsource_DEBIAN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://blackberry.com/btsc/KB27244	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2011-03…	vendor-advisoryx_refsource_REDHAT
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/43664	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0551	vdb-entryx_refsource_VUPEN
	http://security.gentoo.org/glsa/glsa-201209-02.xml	vendor-advisoryx_refsource_GENTOO
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.vupen.com/english/advisories/2011/0930	vdb-entryx_refsource_VUPEN
	http://support.apple.com/kb/HT4999	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=678635	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1025153	vdb-entryx_refsource_SECTRACK
	http://support.apple.com/kb/HT5001	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4554	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/44135	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0960	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/43585	third-party-advisoryx_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/44117	third-party-advisoryx_refsource_SECUNIA
	http://lists.apple.com/archives/Security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/43593	third-party-advisoryx_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/50726	third-party-advisoryx_refsource_SECUNIA
	http://support.apple.com/kb/HT4581	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0845",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4564"
          },
          {
            "name": "SUSE-SR:2011:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4565"
          },
          {
            "name": "ADV-2011-0599",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0599"
          },
          {
            "name": "SSA:2011-098-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
          },
          {
            "name": "46658",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46658"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "43934",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43934"
          },
          {
            "name": "FEDORA-2011-2498",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "FEDORA-2011-3836",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
          },
          {
            "name": "ADV-2011-0621",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0621"
          },
          {
            "name": "ADV-2011-0905",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0905"
          },
          {
            "name": "DSA-2210",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2210"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blackberry.com/btsc/KB27244"
          },
          {
            "name": "RHSA-2011:0318",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "43664",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43664"
          },
          {
            "name": "ADV-2011-0551",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0551"
          },
          {
            "name": "GLSA-201209-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
          },
          {
            "name": "APPLE-SA-2011-03-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
          },
          {
            "name": "ADV-2011-0930",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0930"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4999"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
          },
          {
            "name": "1025153",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025153"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "APPLE-SA-2011-03-09-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "44135",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44135"
          },
          {
            "name": "ADV-2011-0960",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0960"
          },
          {
            "name": "43585",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43585"
          },
          {
            "name": "APPLE-SA-2011-03-09-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
          },
          {
            "name": "44117",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44117"
          },
          {
            "name": "APPLE-SA-2011-10-12-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
          },
          {
            "name": "MDVSA-2011:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
          },
          {
            "name": "43593",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43593"
          },
          {
            "name": "FEDORA-2011-3827",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
          },
          {
            "name": "FEDORA-2011-2540",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
          },
          {
            "name": "50726",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50726"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-02-10T16:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "ADV-2011-0845",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4564"
        },
        {
          "name": "SUSE-SR:2011:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4565"
        },
        {
          "name": "ADV-2011-0599",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0599"
        },
        {
          "name": "SSA:2011-098-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
        },
        {
          "name": "46658",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46658"
        },
        {
          "name": "APPLE-SA-2011-10-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
        },
        {
          "name": "43934",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43934"
        },
        {
          "name": "FEDORA-2011-2498",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4566"
        },
        {
          "name": "FEDORA-2011-3836",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
        },
        {
          "name": "ADV-2011-0621",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0621"
        },
        {
          "name": "ADV-2011-0905",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0905"
        },
        {
          "name": "DSA-2210",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2210"
        },
        {
          "name": "APPLE-SA-2011-03-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blackberry.com/btsc/KB27244"
        },
        {
          "name": "RHSA-2011:0318",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
        },
        {
          "name": "APPLE-SA-2011-03-02-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
        },
        {
          "name": "43664",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43664"
        },
        {
          "name": "ADV-2011-0551",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0551"
        },
        {
          "name": "GLSA-201209-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
        },
        {
          "name": "APPLE-SA-2011-03-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
        },
        {
          "name": "ADV-2011-0930",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0930"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4999"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
        },
        {
          "name": "1025153",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025153"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4554"
        },
        {
          "name": "APPLE-SA-2011-03-09-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
        },
        {
          "name": "44135",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44135"
        },
        {
          "name": "ADV-2011-0960",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0960"
        },
        {
          "name": "43585",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43585"
        },
        {
          "name": "APPLE-SA-2011-03-09-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
        },
        {
          "name": "44117",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44117"
        },
        {
          "name": "APPLE-SA-2011-10-12-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
        },
        {
          "name": "MDVSA-2011:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
        },
        {
          "name": "43593",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43593"
        },
        {
          "name": "FEDORA-2011-3827",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
        },
        {
          "name": "FEDORA-2011-2540",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
        },
        {
          "name": "50726",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50726"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4581"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0192",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2011-0845",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0845"
            },
            {
              "name": "http://support.apple.com/kb/HT4564",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4564"
            },
            {
              "name": "SUSE-SR:2011:009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4565",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4565"
            },
            {
              "name": "ADV-2011-0599",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0599"
            },
            {
              "name": "SSA:2011-098-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
            },
            {
              "name": "46658",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46658"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "43934",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43934"
            },
            {
              "name": "FEDORA-2011-2498",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "FEDORA-2011-3836",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
            },
            {
              "name": "ADV-2011-0621",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0621"
            },
            {
              "name": "ADV-2011-0905",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0905"
            },
            {
              "name": "DSA-2210",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2210"
            },
            {
              "name": "APPLE-SA-2011-03-21-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "http://blackberry.com/btsc/KB27244",
              "refsource": "CONFIRM",
              "url": "http://blackberry.com/btsc/KB27244"
            },
            {
              "name": "RHSA-2011:0318",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "43664",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43664"
            },
            {
              "name": "ADV-2011-0551",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0551"
            },
            {
              "name": "GLSA-201209-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
            },
            {
              "name": "APPLE-SA-2011-03-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
            },
            {
              "name": "ADV-2011-0930",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0930"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4999"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
            },
            {
              "name": "1025153",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025153"
            },
            {
              "name": "http://support.apple.com/kb/HT5001",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5001"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "APPLE-SA-2011-03-09-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
            },
            {
              "name": "44135",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44135"
            },
            {
              "name": "ADV-2011-0960",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0960"
            },
            {
              "name": "43585",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43585"
            },
            {
              "name": "APPLE-SA-2011-03-09-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
            },
            {
              "name": "44117",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44117"
            },
            {
              "name": "APPLE-SA-2011-10-12-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
            },
            {
              "name": "MDVSA-2011:043",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
            },
            {
              "name": "43593",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43593"
            },
            {
              "name": "FEDORA-2011-3827",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
            },
            {
              "name": "FEDORA-2011-2540",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
            },
            {
              "name": "50726",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50726"
            },
            {
              "name": "http://support.apple.com/kb/HT4581",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4581"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0192",
    "datePublished": "2011-03-03T19:00:00.000Z",
    "dateReserved": "2010-12-23T00:00:00.000Z",
    "dateUpdated": "2024-08-06T21:43:15.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2011-AVI-150

Vulnerability from certfr_avis - Published: 2011-03-11 - Updated: 2011-03-11

De multiples vulnérabilités permettant l'exécution de code arbitraire ont été corrigées dans Apple Safari.

Description

De multiples vulnérabilités ont été corrigées dans Apple Safari pour Microsoft Windows et Mac OS X. Celles-ci permettent l'exécution de code arbitraire à distance par l'intermédiaire d'une page Web spécialement conçue.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La version 5.0.4 de Apple Safari corrige ces vulnérabilités. Cette nouvelle version integre une mise à jour de la libpng en version 1.4.3.

Apple Safari versions antérieures à 5.0.4.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4566 du 09 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple Safari versions ant\u00e9rieures \u00e0  5.0.4.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari pour\nMicrosoft Windows et Mac OS X. Celles-ci permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance par l\u0027interm\u00e9diaire d\u0027une page Web sp\u00e9cialement\ncon\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nLa version 5.0.4 de Apple Safari corrige ces vuln\u00e9rabilit\u00e9s. Cette\nnouvelle version integre une mise \u00e0 jour de la libpng en version 1.4.3.\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0163"
    },
    {
      "name": "CVE-2011-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0169"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0160"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0161"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2011-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0166"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0167"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-11T00:00:00",
  "last_revision_date": "2011-03-11T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-150",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de code arbitraire\nont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4566 du 09 mars 2011",
      "url": "http://support.apple.com/kb/HT4566"
    }
  ]
}

CERTA-2011-AVI-134

Vulnerability from certfr_avis - Published: 2011-03-04 - Updated: 2011-03-04

Plusieurs vulnérabilités dans le lecteur multimédia iTunes d'Apple permettent à une personne distante malintentionnée de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

De multiples vulnérabilités dans iTunes ont été corrigées. Un individu malveillant peut exploiter ces vulnérabilités afin de provoquer l'arrêt inoppinée de l'application ou d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

iTunes 10.2.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4554 du 02 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eiTunes 10.2.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans iTunes ont \u00e9t\u00e9 corrig\u00e9es. Un individu\nmalveillant peut exploiter ces vuln\u00e9rabilit\u00e9s afin de provoquer l\u0027arr\u00eat\ninoppin\u00e9e de l\u0027application ou d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0164"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-04T00:00:00",
  "last_revision_date": "2011-03-04T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-134",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans le lecteur multim\u00e9dia iTunes d\u0027Apple\npermettent \u00e0 une personne distante malintentionn\u00e9e de provoquer un d\u00e9ni\nde service ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4554 du 02 mars 2011",
      "url": "http://support.apple.com/kb/HT4554"
    }
  ]
}

CERTA-2011-AVI-162

Vulnerability from certfr_avis - Published: 2011-03-22 - Updated: 2011-03-22

De nombreuses vulnérabilités ont été corrigées dans Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X, notamment :

Airport ;
AppleScript ;
ATS ;
CarbonCore ;
CoreText ;
File Quarantine ;
HFS ;
ImageIO ;
ImageRaw ;
Installer ;
Kernel ;
Libinfo ;
Libxml ;
QuickLook ;
QuickTime ;
Terminal.

Cette mise à jour corrige également un grand nombre de vulnérabilités dans des logiciels inclus au système d'exploitation comme Apache, ClamAV, Kerberos, Mailman, PHP, Ruby, Samba, Subversion et X11. Parmi les failles corrigées, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X Server 10.6.x.
N/A	N/A	Mac OS X Server 10.5.8 ;
N/A	N/A	Mac OS X 10.6.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4581 du 21 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X, notamment :\n\n-   Airport ;\n-   AppleScript ;\n-   ATS ;\n-   CarbonCore ;\n-   CoreText ;\n-   File Quarantine ;\n-   HFS ;\n-   ImageIO ;\n-   ImageRaw ;\n-   Installer ;\n-   Kernel ;\n-   Libinfo ;\n-   Libxml ;\n-   QuickLook ;\n-   QuickTime ;\n-   Terminal.\n\nCette mise \u00e0 jour corrige \u00e9galement un grand nombre de vuln\u00e9rabilit\u00e9s\ndans des logiciels inclus au syst\u00e8me d\u0027exploitation comme Apache,\nClamAV, Kerberos, Mailman, PHP, Ruby, Samba, Subversion et X11. Parmi\nles failles corrig\u00e9es, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2010-3089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3089"
    },
    {
      "name": "CVE-2010-3870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3870"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2010-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3709"
    },
    {
      "name": "CVE-2010-4020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4020"
    },
    {
      "name": "CVE-2011-0172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0172"
    },
    {
      "name": "CVE-2011-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0181"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2010-3710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3710"
    },
    {
      "name": "CVE-2011-0183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0183"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2011-0182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0182"
    },
    {
      "name": "CVE-2010-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2068"
    },
    {
      "name": "CVE-2010-1452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1452"
    },
    {
      "name": "CVE-2010-4021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4021"
    },
    {
      "name": "CVE-2011-0173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0173"
    },
    {
      "name": "CVE-2010-0405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0405"
    },
    {
      "name": "CVE-2010-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2950"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2011-0186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0186"
    },
    {
      "name": "CVE-2011-0178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0178"
    },
    {
      "name": "CVE-2010-3802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3802"
    },
    {
      "name": "CVE-2010-4409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4409"
    },
    {
      "name": "CVE-2011-0190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0190"
    },
    {
      "name": "CVE-2011-1417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1417"
    },
    {
      "name": "CVE-2010-3801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3801"
    },
    {
      "name": "CVE-2010-4479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4479"
    },
    {
      "name": "CVE-2011-0188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0188"
    },
    {
      "name": "CVE-2010-3814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3814"
    },
    {
      "name": "CVE-2010-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3855"
    },
    {
      "name": "CVE-2011-0180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0180"
    },
    {
      "name": "CVE-2010-1324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1324"
    },
    {
      "name": "CVE-2011-0174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0174"
    },
    {
      "name": "CVE-2011-0189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0189"
    },
    {
      "name": "CVE-2006-7243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7243"
    },
    {
      "name": "CVE-2010-4261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4261"
    },
    {
      "name": "CVE-2010-3434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3434"
    },
    {
      "name": "CVE-2010-4260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4260"
    },
    {
      "name": "CVE-2010-3315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3315"
    },
    {
      "name": "CVE-2011-0184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0184"
    },
    {
      "name": "CVE-2011-0179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0179"
    },
    {
      "name": "CVE-2010-3069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3069"
    },
    {
      "name": "CVE-2011-0177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0177"
    },
    {
      "name": "CVE-2010-1323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1323"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
    },
    {
      "name": "CVE-2011-0194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0194"
    },
    {
      "name": "CVE-2011-0175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0175"
    },
    {
      "name": "CVE-2010-4150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4150"
    },
    {
      "name": "CVE-2011-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0193"
    },
    {
      "name": "CVE-2011-0176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0176"
    },
    {
      "name": "CVE-2010-4009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4009"
    }
  ],
  "initial_release_date": "2011-03-22T00:00:00",
  "last_revision_date": "2011-03-22T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-162",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Mac OS X. Leur\nexploitation permet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4581 du 21 mars 2011",
      "url": "http://support.apple.com/kb/HT4581"
    }
  ]
}

CERTA-2011-AVI-567

Vulnerability from certfr_avis - Published: 2011-10-13 - Updated: 2011-10-13

De nombreuses vulnérabilités ont été corrigées dans Apple iOS pour iPhone, iPad et iPod touch dont certaines permettent une exécution de code arbitraire à distance.

Description

De nombreuses vulnérabilités ont été corrigées dans Apple iOS pour iPhone, iPad et iPod touch. Certaines permettent à une personne malintentionnée d'exécuter du code arbitraire à distance ou de récupérer le mot de passe du compte «Apple ID» utilisé. Les composants suivants ont été mise à jour :

CalDAV ;
Calendar ;
CFNetwork ;
CoreFoundation ;
CoreGraphics ;
CoreMedia ;
ImageIO ;
International Components for Unicode ;
Kernel ;
Keyboards ;
libxml ;
OfficeImport ;
Safari ;
Settings ;
UIKit ;
WebKit ;
WiFi.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	iPod touch avec iOS versions 4.3.5 et antérieures.
Apple	N/A	iPhone 4 et 3GS avec iOS versions 4.3.5 et antérieures ;
Apple	N/A	iPad avec iOS versions 4.3.5 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4999 du 12 octobre 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPod touch avec iOS versions 4.3.5 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPhone 4 et 3GS avec iOS versions 4.3.5 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPad avec iOS versions 4.3.5 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS pour\niPhone, iPad et iPod touch. Certaines permettent \u00e0 une personne\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance ou de r\u00e9cup\u00e9rer\nle mot de passe du compte \u00abApple ID\u00bb utilis\u00e9. Les composants suivants\nont \u00e9t\u00e9 mise \u00e0 jour\u00a0:\n\n-   CalDAV\u00a0;\n-   Calendar\u00a0;\n-   CFNetwork\u00a0;\n-   CoreFoundation\u00a0;\n-   CoreGraphics\u00a0;\n-   CoreMedia\u00a0;\n-   ImageIO\u00a0;\n-   International Components for Unicode\u00a0;\n-   Kernel\u00a0;\n-   Keyboards\u00a0;\n-   libxml\u00a0;\n-   OfficeImport\u00a0;\n-   Safari\u00a0;\n-   Settings\u00a0;\n-   UIKit\u00a0;\n-   WebKit\u00a0;\n-   WiFi.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1204"
    },
    {
      "name": "CVE-2011-1117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1117"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2011-0983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0983"
    },
    {
      "name": "CVE-2011-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0259"
    },
    {
      "name": "CVE-2011-2814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2814"
    },
    {
      "name": "CVE-2011-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0208"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-2823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2823"
    },
    {
      "name": "CVE-2011-2813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2813"
    },
    {
      "name": "CVE-2011-2359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2359"
    },
    {
      "name": "CVE-2011-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0216"
    },
    {
      "name": "CVE-2011-2788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2788"
    },
    {
      "name": "CVE-2011-1774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1774"
    },
    {
      "name": "CVE-2011-2819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2819"
    },
    {
      "name": "CVE-2011-2799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2799"
    },
    {
      "name": "CVE-2011-2341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2341"
    },
    {
      "name": "CVE-2011-0255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0255"
    },
    {
      "name": "CVE-2011-1190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1190"
    },
    {
      "name": "CVE-2011-3256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3256"
    },
    {
      "name": "CVE-2011-1188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1188"
    },
    {
      "name": "CVE-2011-0233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0233"
    },
    {
      "name": "CVE-2011-1115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1115"
    },
    {
      "name": "CVE-2011-1296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1296"
    },
    {
      "name": "CVE-2011-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2351"
    },
    {
      "name": "CVE-2011-2827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2827"
    },
    {
      "name": "CVE-2011-3432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3432"
    },
    {
      "name": "CVE-2011-0981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0981"
    },
    {
      "name": "CVE-2011-3254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3254"
    },
    {
      "name": "CVE-2011-0254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0254"
    },
    {
      "name": "CVE-2011-2831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2831"
    },
    {
      "name": "CVE-2011-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0238"
    },
    {
      "name": "CVE-2011-2800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2800"
    },
    {
      "name": "CVE-2011-1295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1295"
    },
    {
      "name": "CVE-2011-3434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3434"
    },
    {
      "name": "CVE-2011-0222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0222"
    },
    {
      "name": "CVE-2011-1121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1121"
    },
    {
      "name": "CVE-2011-1797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1797"
    },
    {
      "name": "CVE-2011-2817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2817"
    },
    {
      "name": "CVE-2011-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0206"
    },
    {
      "name": "CVE-2011-1451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1451"
    },
    {
      "name": "CVE-2011-2790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2790"
    },
    {
      "name": "CVE-2011-3243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3243"
    },
    {
      "name": "CVE-2011-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3235"
    },
    {
      "name": "CVE-2011-3237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3237"
    },
    {
      "name": "CVE-2011-3255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3255"
    },
    {
      "name": "CVE-2011-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2805"
    },
    {
      "name": "CVE-2011-0232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0232"
    },
    {
      "name": "CVE-2011-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2356"
    },
    {
      "name": "CVE-2011-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
    },
    {
      "name": "CVE-2011-2797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2797"
    },
    {
      "name": "CVE-2011-2339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2339"
    },
    {
      "name": "CVE-2011-1288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1288"
    },
    {
      "name": "CVE-2011-1132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1132"
    },
    {
      "name": "CVE-2011-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0241"
    },
    {
      "name": "CVE-2011-1203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1203"
    },
    {
      "name": "CVE-2011-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3245"
    },
    {
      "name": "CVE-2011-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0242"
    },
    {
      "name": "CVE-2011-2809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2809"
    },
    {
      "name": "CVE-2011-3261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3261"
    },
    {
      "name": "CVE-2011-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1293"
    },
    {
      "name": "CVE-2011-3234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3234"
    },
    {
      "name": "CVE-2011-2338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2338"
    },
    {
      "name": "CVE-2011-3429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3429"
    },
    {
      "name": "CVE-2011-0184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0184"
    },
    {
      "name": "CVE-2011-3431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3431"
    },
    {
      "name": "CVE-2011-2792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2792"
    },
    {
      "name": "CVE-2011-0234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0234"
    },
    {
      "name": "CVE-2011-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1449"
    },
    {
      "name": "CVE-2011-3430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3430"
    },
    {
      "name": "CVE-2011-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3259"
    },
    {
      "name": "CVE-2011-2818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2818"
    },
    {
      "name": "CVE-2011-1457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1457"
    },
    {
      "name": "CVE-2011-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0235"
    },
    {
      "name": "CVE-2011-0225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0225"
    },
    {
      "name": "CVE-2011-3236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3236"
    },
    {
      "name": "CVE-2011-1114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1114"
    },
    {
      "name": "CVE-2011-3427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3427"
    },
    {
      "name": "CVE-2011-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0166"
    },
    {
      "name": "CVE-2011-2820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2820"
    },
    {
      "name": "CVE-2011-1109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1109"
    },
    {
      "name": "CVE-2011-0221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0221"
    },
    {
      "name": "CVE-2011-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2354"
    },
    {
      "name": "CVE-2011-2816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2816"
    },
    {
      "name": "CVE-2011-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2352"
    },
    {
      "name": "CVE-2011-1462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1462"
    },
    {
      "name": "CVE-2011-1453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1453"
    },
    {
      "name": "CVE-2011-0218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0218"
    },
    {
      "name": "CVE-2011-3257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3257"
    },
    {
      "name": "CVE-2011-3244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3244"
    },
    {
      "name": "CVE-2011-1107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1107"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    },
    {
      "name": "CVE-2011-3426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3426"
    },
    {
      "name": "CVE-2011-3260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3260"
    },
    {
      "name": "CVE-2011-3232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3232"
    },
    {
      "name": "CVE-2011-3253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3253"
    }
  ],
  "initial_release_date": "2011-10-13T00:00:00",
  "last_revision_date": "2011-10-13T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-567",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS pour\niPhone, iPad et iPod touch dont certaines permettent une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4999 du 12 octobre 2011",
      "url": "http://support.apple.com/kb/HT4999"
    }
  ]
}

CERTA-2011-AVI-135

Vulnerability from certfr_avis - Published: 2011-03-04 - Updated: 2011-03-04

Une vulnérabilité dans la bibliothèque LibTIFF permet à un attaquant d'exécuter du code arbitraire à distance.

Description

Une erreur dans l'analyse des images au format TIFF compressées avec l'algorithme CCITT Group 4 peut être exploitée par une personne malveillante pour exécuter du code arbitraire à distance, via un débordement de tampon sur le tas.

Solution

Se référer au bulletin de sécurité des différents éditeurs pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	LibTIFF version 3.9.4.

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4554 du 02 mars 2011	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2011:0318 du 02 mars 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "LibTIFF version 3.9.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne erreur dans l\u0027analyse des images au format TIFF compress\u00e9es avec\nl\u0027algorithme CCITT Group 4 peut \u00eatre exploit\u00e9e par une personne\nmalveillante pour ex\u00e9cuter du code arbitraire \u00e0 distance, via un\nd\u00e9bordement de tampon sur le tas.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 des diff\u00e9rents \u00e9diteurs pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    }
  ],
  "initial_release_date": "2011-03-04T00:00:00",
  "last_revision_date": "2011-03-04T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2011:0318 du 02 mars 2011    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-0318.html"
    }
  ],
  "reference": "CERTA-2011-AVI-135",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans la biblioth\u00e8que LibTIFF permet \u00e0 un attaquant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans LibTIFF",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4554 du 02 mars 2011",
      "url": "http://docs.info.apple.com/article.html?artnum=HT4554"
    }
  ]
}

CERTFR-2020-AVI-420

Vulnerability from certfr_avis - Published: 2020-07-09 - Updated: 2020-07-09

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Junos Space et Junos Space Security Director versions antérieures à 20.1R1
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11038 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11024 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11026 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11027 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11035 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11023 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11025 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11034 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11033 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11032 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11036 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11031 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11030 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11037 du 08 juillet 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11028 du 08 juillet 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos Space et Junos Space Security Director versions ant\u00e9rieures \u00e0 20.1R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
    },
    {
      "name": "CVE-2016-2324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2324"
    },
    {
      "name": "CVE-2013-1960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1960"
    },
    {
      "name": "CVE-2012-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4447"
    },
    {
      "name": "CVE-2016-3991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3991"
    },
    {
      "name": "CVE-2016-1838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
    },
    {
      "name": "CVE-2014-7826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7826"
    },
    {
      "name": "CVE-2020-1648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1648"
    },
    {
      "name": "CVE-2016-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3621"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2016-1000341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
    },
    {
      "name": "CVE-2016-6662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6662"
    },
    {
      "name": "CVE-2019-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
    },
    {
      "name": "CVE-2019-11097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
    },
    {
      "name": "CVE-2009-2347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2347"
    },
    {
      "name": "CVE-2014-3634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3634"
    },
    {
      "name": "CVE-2016-1000343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
    },
    {
      "name": "CVE-2015-1782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1782"
    },
    {
      "name": "CVE-2017-13098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
    },
    {
      "name": "CVE-2019-11132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
    },
    {
      "name": "CVE-2014-7825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7825"
    },
    {
      "name": "CVE-2016-6136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
    },
    {
      "name": "CVE-2020-1646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1646"
    },
    {
      "name": "CVE-2019-11086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
    },
    {
      "name": "CVE-2017-7895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
    },
    {
      "name": "CVE-2012-1173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1173"
    },
    {
      "name": "CVE-2012-2088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
    },
    {
      "name": "CVE-2014-9938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9938"
    },
    {
      "name": "CVE-2015-1158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
    },
    {
      "name": "CVE-2020-1651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1651"
    },
    {
      "name": "CVE-2010-2067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2067"
    },
    {
      "name": "CVE-2019-11106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
    },
    {
      "name": "CVE-2016-1000346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
    },
    {
      "name": "CVE-2016-3945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3945"
    },
    {
      "name": "CVE-2016-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
    },
    {
      "name": "CVE-2016-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
    },
    {
      "name": "CVE-2020-1645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1645"
    },
    {
      "name": "CVE-2016-1000345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
    },
    {
      "name": "CVE-2020-1640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1640"
    },
    {
      "name": "CVE-2013-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4244"
    },
    {
      "name": "CVE-2016-3705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
    },
    {
      "name": "CVE-2020-1643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1643"
    },
    {
      "name": "CVE-2018-16881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16881"
    },
    {
      "name": "CVE-2015-7940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7940"
    },
    {
      "name": "CVE-2017-1000117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000117"
    },
    {
      "name": "CVE-2012-5581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5581"
    },
    {
      "name": "CVE-2016-1000338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
    },
    {
      "name": "CVE-2014-3690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
    },
    {
      "name": "CVE-2018-1000613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000613"
    },
    {
      "name": "CVE-2017-12588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12588"
    },
    {
      "name": "CVE-2016-0787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0787"
    },
    {
      "name": "CVE-2016-1834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
    },
    {
      "name": "CVE-2016-9555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
    },
    {
      "name": "CVE-2013-1624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
    },
    {
      "name": "CVE-2016-3990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3990"
    },
    {
      "name": "CVE-2019-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
    },
    {
      "name": "CVE-2018-1000021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000021"
    },
    {
      "name": "CVE-2019-11103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
    },
    {
      "name": "CVE-2014-9679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9679"
    },
    {
      "name": "CVE-2020-1647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1647"
    },
    {
      "name": "CVE-2019-11107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
    },
    {
      "name": "CVE-2020-1652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1652"
    },
    {
      "name": "CVE-2017-14867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
    },
    {
      "name": "CVE-2009-5022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-5022"
    },
    {
      "name": "CVE-2016-1835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1835"
    },
    {
      "name": "CVE-2019-3856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
    },
    {
      "name": "CVE-2020-1650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1650"
    },
    {
      "name": "CVE-2016-1000342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
    },
    {
      "name": "CVE-2019-3863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
    },
    {
      "name": "CVE-2016-1836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
    },
    {
      "name": "CVE-2019-11110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
    },
    {
      "name": "CVE-2013-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
    },
    {
      "name": "CVE-2016-1000339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
    },
    {
      "name": "CVE-2008-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
    },
    {
      "name": "CVE-2017-9935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9935"
    },
    {
      "name": "CVE-2018-3639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
    },
    {
      "name": "CVE-2018-5382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5382"
    },
    {
      "name": "CVE-2014-9584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
    },
    {
      "name": "CVE-2019-11102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
    },
    {
      "name": "CVE-2019-3862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
    },
    {
      "name": "CVE-2019-11088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
    },
    {
      "name": "CVE-2019-11105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
    },
    {
      "name": "CVE-2016-5616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5616"
    },
    {
      "name": "CVE-2015-1421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
    },
    {
      "name": "CVE-2014-9529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
    },
    {
      "name": "CVE-2020-1654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1654"
    },
    {
      "name": "CVE-2013-1961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1961"
    },
    {
      "name": "CVE-2015-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7082"
    },
    {
      "name": "CVE-2006-2193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
    },
    {
      "name": "CVE-2014-8171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8171"
    },
    {
      "name": "CVE-2006-2656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2656"
    },
    {
      "name": "CVE-2019-11101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
    },
    {
      "name": "CVE-2016-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
    },
    {
      "name": "CVE-2018-11233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11233"
    },
    {
      "name": "CVE-2013-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4232"
    },
    {
      "name": "CVE-2013-4243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4243"
    },
    {
      "name": "CVE-2016-3627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
    },
    {
      "name": "CVE-2011-3200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3200"
    },
    {
      "name": "CVE-2016-1840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
    },
    {
      "name": "CVE-2017-15298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15298"
    },
    {
      "name": "CVE-2014-8884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
    },
    {
      "name": "CVE-2015-1159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
    },
    {
      "name": "CVE-2016-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
    },
    {
      "name": "CVE-2019-11131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
    },
    {
      "name": "CVE-2020-1641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1641"
    },
    {
      "name": "CVE-2019-11090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
    },
    {
      "name": "CVE-2013-4758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4758"
    },
    {
      "name": "CVE-2016-1837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
    },
    {
      "name": "CVE-2019-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
    },
    {
      "name": "CVE-2019-11109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
    },
    {
      "name": "CVE-2016-5314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5314"
    },
    {
      "name": "CVE-2016-1839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
    },
    {
      "name": "CVE-2016-1000352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
    },
    {
      "name": "CVE-2010-2065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2065"
    },
    {
      "name": "CVE-2019-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
    },
    {
      "name": "CVE-2010-1411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1411"
    },
    {
      "name": "CVE-2016-3632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3632"
    },
    {
      "name": "CVE-2019-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
    },
    {
      "name": "CVE-2015-7547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7547"
    },
    {
      "name": "CVE-2020-1649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1649"
    },
    {
      "name": "CVE-2019-3857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
    },
    {
      "name": "CVE-2012-4564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4564"
    },
    {
      "name": "CVE-2012-2113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2113"
    },
    {
      "name": "CVE-2019-11104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
    },
    {
      "name": "CVE-2019-11087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
    },
    {
      "name": "CVE-2016-1000344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
    },
    {
      "name": "CVE-2019-11108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
    },
    {
      "name": "CVE-2014-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3215"
    },
    {
      "name": "CVE-2018-11235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11235"
    },
    {
      "name": "CVE-2016-6663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6663"
    },
    {
      "name": "CVE-2018-19486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19486"
    },
    {
      "name": "CVE-2015-7545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7545"
    },
    {
      "name": "CVE-2016-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
    },
    {
      "name": "CVE-2019-1551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
    },
    {
      "name": "CVE-2019-11100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
    },
    {
      "name": "CVE-2018-5360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5360"
    },
    {
      "name": "CVE-2018-1000180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
    },
    {
      "name": "CVE-2019-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
    },
    {
      "name": "CVE-2020-1644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1644"
    },
    {
      "name": "CVE-2019-11147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
    },
    {
      "name": "CVE-2012-3401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3401"
    },
    {
      "name": "CVE-2019-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0211"
    },
    {
      "name": "CVE-2014-3683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3683"
    }
  ],
  "initial_release_date": "2020-07-09T00:00:00",
  "last_revision_date": "2020-07-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-420",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-07-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11038 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11038\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11024 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11024\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11026 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11026\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11027 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11027\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11035 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11035\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11023 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11025 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11025\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11034 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11034\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11033 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11033\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11032 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11032\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11036 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11036\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11031 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11031\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11030 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11030\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11037 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11037\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11028 du 08 juillet 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11028\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTA-2011-AVI-151

Vulnerability from certfr_avis - Published: 2011-03-11 - Updated: 2011-03-11

De multiples vulnérabilités affectent Apple iOS versions 4.2 et antérieures. Certaines permettent l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Apple iOS, notamment dans :

CoreGraphics ;
ImageIO ;
libxml ;
Networking ;
Safari ;
WebKit ;
Wi-Fi.

Parmis ces vulnérabilités, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS 4.2.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4564 du 09 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple iOS 4.2.1 et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Apple iOS, notamment dans :\n\n-   CoreGraphics ;\n-   ImageIO ;\n-   libxml ;\n-   Networking ;\n-   Safari ;\n-   WebKit ;\n-   Wi-Fi.\n\nParmis ces vuln\u00e9rabilit\u00e9s, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0163"
    },
    {
      "name": "CVE-2010-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1792"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2011-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0160"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0158"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0161"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2010-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3855"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0162"
    },
    {
      "name": "CVE-2011-0159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0159"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0157"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-11T00:00:00",
  "last_revision_date": "2011-03-11T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-151",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s affectent Apple iOS versions 4.2 et\nant\u00e9rieures. Certaines permettent l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4564 du 09 mars 2011",
      "url": "http://support.apple.com/kb/HT4564"
    }
  ]
}

CERTA-2011-AVI-450

Vulnerability from certfr_avis - Published: 2011-08-11 - Updated: 2011-08-11

Plusieurs vulnérabilités ont été corrigées dans BlackBerry Enterprise Server, qui permettent l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérabilités ont été corrigées dans des bibliothèques de traitement des images intégrées dans BlackBerry Enterprise Server. Une exploitation peut se faire en incitant un utilisateur à visiter avec son ordiphone un site Web contenant une page spécialement conçue ; une autre consiste à l'envoi d'une image PNG ou TIFF spécialement conçue via un email à un utilisateur (l'exploitation a lieu même si l'utilisateur n'ouvre pas le message). Dans les deux cas, le résultat de l'exploitation réussie de ces vulnérabilités est l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	BlackBerry Enterprise Server versions 5.0.1 à 5.0.3 MR2 pour Microsoft Exchange ;
N/A	N/A	BlackBerry Enterprise Server Express versions 5.0.1 et 5.0.2 pour IBM Lotus Domino.
Microsoft	N/A	BlackBerry Enterprise Server Express versions 5.0.1 à 5.0.3 pour Microsoft Exchange ;
N/A	N/A	BlackBerry Enterprise Server versions 5.0.1 à 5.0.3 MR2 pour IBM Lotus Domino ;
Novell	N/A	BlackBerry Enterprise Server version 4.1.7 et versions 5.0.1 à 5.0.1 MR3 pour Novell Groupwise ;

References

Title

Publication Time

Tags

Bulletin de sécurité BlackBerry KB27244 du 09 août 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "BlackBerry Enterprise Server versions 5.0.1 \u00e0 5.0.3 MR2 pour Microsoft Exchange ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server Express versions 5.0.1 et 5.0.2 pour IBM Lotus Domino.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server Express versions 5.0.1 \u00e0 5.0.3 pour Microsoft Exchange ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server versions 5.0.1 \u00e0 5.0.3 MR2 pour IBM Lotus Domino ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server version 4.1.7 et versions 5.0.1 \u00e0 5.0.1 MR3 pour Novell Groupwise ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Novell",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans des biblioth\u00e8ques de\ntraitement des images int\u00e9gr\u00e9es dans BlackBerry Enterprise Server. Une\nexploitation peut se faire en incitant un utilisateur \u00e0 visiter avec son\nordiphone un site Web contenant une page sp\u00e9cialement con\u00e7ue ; une autre\nconsiste \u00e0 l\u0027envoi d\u0027une image PNG ou TIFF sp\u00e9cialement con\u00e7ue via un\nemail \u00e0 un utilisateur (l\u0027exploitation a lieu m\u00eame si l\u0027utilisateur\nn\u0027ouvre pas le message). Dans les deux cas, le r\u00e9sultat de\nl\u0027exploitation r\u00e9ussie de ces vuln\u00e9rabilit\u00e9s est l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2010-2595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2595"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2010-3087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3087"
    }
  ],
  "initial_release_date": "2011-08-11T00:00:00",
  "last_revision_date": "2011-08-11T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-450",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-08-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans BlackBerry Enterprise\nServer, qui permettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans BlackBerry Enterprise Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 BlackBerry KB27244 du 09 ao\u00fbt 2011",
      "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB27244"
    }
  ]
}

FKIE_CVE-2011-0192

Vulnerability from fkie_nvd - Published: 2011-03-03 20:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://blackberry.com/btsc/KB27244
product-security@apple.com	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
product-security@apple.com	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Patch, Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
product-security@apple.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
product-security@apple.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
product-security@apple.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
product-security@apple.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
product-security@apple.com	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
product-security@apple.com	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
product-security@apple.com	http://secunia.com/advisories/43585
product-security@apple.com	http://secunia.com/advisories/43593
product-security@apple.com	http://secunia.com/advisories/43664
product-security@apple.com	http://secunia.com/advisories/43934
product-security@apple.com	http://secunia.com/advisories/44117
product-security@apple.com	http://secunia.com/advisories/44135
product-security@apple.com	http://secunia.com/advisories/50726
product-security@apple.com	http://security.gentoo.org/glsa/glsa-201209-02.xml
product-security@apple.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
product-security@apple.com	http://support.apple.com/kb/HT4554	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT4564
product-security@apple.com	http://support.apple.com/kb/HT4565
product-security@apple.com	http://support.apple.com/kb/HT4566
product-security@apple.com	http://support.apple.com/kb/HT4581
product-security@apple.com	http://support.apple.com/kb/HT4999
product-security@apple.com	http://support.apple.com/kb/HT5001
product-security@apple.com	http://www.debian.org/security/2011/dsa-2210
product-security@apple.com	http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
product-security@apple.com	http://www.redhat.com/support/errata/RHSA-2011-0318.html
product-security@apple.com	http://www.securityfocus.com/bid/46658
product-security@apple.com	http://www.securitytracker.com/id?1025153
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0551
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0599
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0621
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0845
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0905
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0930
product-security@apple.com	http://www.vupen.com/english/advisories/2011/0960
product-security@apple.com	https://bugzilla.redhat.com/show_bug.cgi?id=678635
af854a3a-2127-422b-91ae-364da2661108	http://blackberry.com/btsc/KB27244
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43585
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43593
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43664
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43934
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44117
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44135
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/50726
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201209-02.xml
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4554	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4564
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4565
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4566
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4581
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4999
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5001
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2210
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-0318.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/46658
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1025153
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0551
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0599
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0621
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0845
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0905
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0930
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0960
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=678635

Impacted products

Vendor	Product	Version
apple	itunes	*
apple	itunes	4.0.0
apple	itunes	4.0.1
apple	itunes	4.1.0
apple	itunes	4.2.0
apple	itunes	4.5
apple	itunes	4.5.0
apple	itunes	4.6
apple	itunes	4.6.0
apple	itunes	4.7
apple	itunes	4.7.0
apple	itunes	4.7.1
apple	itunes	4.7.2
apple	itunes	4.8.0
apple	itunes	4.9.0
apple	itunes	5.0
apple	itunes	5.0.0
apple	itunes	5.0.1
apple	itunes	6.0.0
apple	itunes	6.0.1
apple	itunes	6.0.2
apple	itunes	6.0.3
apple	itunes	6.0.4
apple	itunes	6.0.4.2
apple	itunes	6.0.5
apple	itunes	7.0.0
apple	itunes	7.0.1
apple	itunes	7.0.2
apple	itunes	7.1.0
apple	itunes	7.1.1
apple	itunes	7.2.0
apple	itunes	7.3.0
apple	itunes	7.3.1
apple	itunes	7.3.2
apple	itunes	7.4
apple	itunes	7.4.0
apple	itunes	7.4.1
apple	itunes	7.4.2
apple	itunes	7.4.3
apple	itunes	7.5
apple	itunes	7.5.0
apple	itunes	7.6
apple	itunes	7.6.0
apple	itunes	7.6.1
apple	itunes	7.6.2
apple	itunes	7.7
apple	itunes	7.7.0
apple	itunes	7.7.1
apple	itunes	8.0.0
apple	itunes	8.0.1
apple	itunes	8.0.2
apple	itunes	8.1
apple	itunes	8.1.1
apple	itunes	8.2
apple	itunes	8.2.1
apple	itunes	9.0.0
apple	itunes	9.0.1
apple	itunes	9.0.2
apple	itunes	9.0.3
apple	itunes	9.2
apple	itunes	9.2.1
apple	itunes	10.0
apple	itunes	10.0.1
apple	itunes	10.1
apple	itunes	10.1.1
microsoft	windows	*
microsoft	windows_7	*
microsoft	windows_vista	*
microsoft	windows_vista	*
microsoft	windows_vista	*
microsoft	windows_xp	*
microsoft	windows_xp	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E40F7857-8F3F-4707-B3AA-A12C0731BB83",
              "versionEndIncluding": "10.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B6A66A-AC5F-48E0-ABCE-68828207B106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "071BFB1F-402B-4D8C-8155-671792AEDB81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48FDD0A-6DE5-44DD-B144-32B91DB26C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "52A433A5-3EFF-405D-8285-97EC88857968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "129ABCA4-FBF6-41B8-BF6B-65467D56D297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1530E-9E63-4A39-9056-3A946A34B650",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "29E92D8D-68AB-4FC4-A37A-D6D48829B58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8961EDA-B567-4D92-8DBC-F887712F3BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A60A3349-DE6E-4381-81C0-E682B791ED61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EF2759C-6F94-4769-8EB2-16947C05CBB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F53FF4-8A15-475C-9FF6-54073A3F1B08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80AFD7E5-A66F-4E43-BC34-EB6BF59186D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en LibTIFF en ImageIO en iTunes de Apple antesrior a v10.2 en Windows permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (solicitud de bloqueo) a trav\u00e9s de una imagen TIFF manipulada con CCITT Grupo 4 de codificaci\u00f3n."
    }
  ],
  "id": "CVE-2011-0192",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-03-03T20:00:02.643",
  "references": [
    {
      "source": "product-security@apple.com",
      "url": "http://blackberry.com/btsc/KB27244"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://secunia.com/advisories/43585"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://secunia.com/advisories/43593"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://secunia.com/advisories/43664"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://secunia.com/advisories/43934"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://secunia.com/advisories/44117"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://secunia.com/advisories/44135"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://secunia.com/advisories/50726"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4554"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://support.apple.com/kb/HT4564"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://support.apple.com/kb/HT4565"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://support.apple.com/kb/HT4566"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://support.apple.com/kb/HT4581"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://support.apple.com/kb/HT5001"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.debian.org/security/2011/dsa-2210"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securityfocus.com/bid/46658"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securitytracker.com/id?1025153"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.vupen.com/english/advisories/2011/0551"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.vupen.com/english/advisories/2011/0599"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.vupen.com/english/advisories/2011/0621"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.vupen.com/english/advisories/2011/0845"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.vupen.com/english/advisories/2011/0905"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.vupen.com/english/advisories/2011/0930"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.vupen.com/english/advisories/2011/0960"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blackberry.com/btsc/KB27244"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43585"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43593"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43664"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44135"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/50726"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT5001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1025153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0551"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0960"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2011-0192

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-0192

Aliases

CVE-2011-0192

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-0192",
    "description": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.",
    "id": "GSD-2011-0192",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-0192.html",
      "https://www.debian.org/security/2011/dsa-2210",
      "https://access.redhat.com/errata/RHSA-2011:0318",
      "https://linux.oracle.com/cve/CVE-2011-0192.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-0192"
      ],
      "details": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.",
      "id": "GSD-2011-0192",
      "modified": "2023-12-13T01:19:04.418675Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2011-0192",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2011-0845",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0845"
          },
          {
            "name": "http://support.apple.com/kb/HT4564",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4564"
          },
          {
            "name": "SUSE-SR:2011:009",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
          },
          {
            "name": "http://support.apple.com/kb/HT4565",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4565"
          },
          {
            "name": "ADV-2011-0599",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0599"
          },
          {
            "name": "SSA:2011-098-01",
            "refsource": "SLACKWARE",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
          },
          {
            "name": "46658",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/46658"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "43934",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43934"
          },
          {
            "name": "FEDORA-2011-2498",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
          },
          {
            "name": "http://support.apple.com/kb/HT4566",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "FEDORA-2011-3836",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
          },
          {
            "name": "ADV-2011-0621",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0621"
          },
          {
            "name": "ADV-2011-0905",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0905"
          },
          {
            "name": "DSA-2210",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2011/dsa-2210"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "SUSE-SR:2011:005",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "http://blackberry.com/btsc/KB27244",
            "refsource": "CONFIRM",
            "url": "http://blackberry.com/btsc/KB27244"
          },
          {
            "name": "RHSA-2011:0318",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "43664",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43664"
          },
          {
            "name": "ADV-2011-0551",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0551"
          },
          {
            "name": "GLSA-201209-02",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
          },
          {
            "name": "APPLE-SA-2011-03-09-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
          },
          {
            "name": "ADV-2011-0930",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0930"
          },
          {
            "name": "http://support.apple.com/kb/HT4999",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4999"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
          },
          {
            "name": "1025153",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1025153"
          },
          {
            "name": "http://support.apple.com/kb/HT5001",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5001"
          },
          {
            "name": "http://support.apple.com/kb/HT4554",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "APPLE-SA-2011-03-09-2",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "44135",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/44135"
          },
          {
            "name": "ADV-2011-0960",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0960"
          },
          {
            "name": "43585",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43585"
          },
          {
            "name": "APPLE-SA-2011-03-09-3",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
          },
          {
            "name": "44117",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/44117"
          },
          {
            "name": "APPLE-SA-2011-10-12-2",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
          },
          {
            "name": "MDVSA-2011:043",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
          },
          {
            "name": "43593",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43593"
          },
          {
            "name": "FEDORA-2011-3827",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
          },
          {
            "name": "FEDORA-2011-2540",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
          },
          {
            "name": "50726",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/50726"
          },
          {
            "name": "http://support.apple.com/kb/HT4581",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4581"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0192"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4564",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4564"
            },
            {
              "name": "APPLE-SA-2011-03-09-2",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
            },
            {
              "name": "ADV-2011-0621",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0621"
            },
            {
              "name": "APPLE-SA-2011-03-09-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4565",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4565"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "MDVSA-2011:043",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
            },
            {
              "name": "APPLE-SA-2011-03-09-3",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4581",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4581"
            },
            {
              "name": "APPLE-SA-2011-03-21-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
            },
            {
              "name": "1025153",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1025153"
            },
            {
              "name": "RHSA-2011:0318",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
            },
            {
              "name": "FEDORA-2011-2498",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
            },
            {
              "name": "43664",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43664"
            },
            {
              "name": "43593",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43593"
            },
            {
              "name": "46658",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/46658"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
            },
            {
              "name": "ADV-2011-0599",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0599"
            },
            {
              "name": "ADV-2011-0551",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0551"
            },
            {
              "name": "FEDORA-2011-2540",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
            },
            {
              "name": "43585",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43585"
            },
            {
              "name": "ADV-2011-0845",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0845"
            },
            {
              "name": "43934",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43934"
            },
            {
              "name": "ADV-2011-0930",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0930"
            },
            {
              "name": "DSA-2210",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2011/dsa-2210"
            },
            {
              "name": "ADV-2011-0905",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0905"
            },
            {
              "name": "FEDORA-2011-3836",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
            },
            {
              "name": "ADV-2011-0960",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0960"
            },
            {
              "name": "SSA:2011-098-01",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
            },
            {
              "name": "44135",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/44135"
            },
            {
              "name": "FEDORA-2011-3827",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
            },
            {
              "name": "44117",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/44117"
            },
            {
              "name": "http://blackberry.com/btsc/KB27244",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://blackberry.com/btsc/KB27244"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4999"
            },
            {
              "name": "http://support.apple.com/kb/HT5001",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT5001"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "APPLE-SA-2011-10-12-2",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
            },
            {
              "name": "50726",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/50726"
            },
            {
              "name": "GLSA-201209-02",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "SUSE-SR:2011:009",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2014-02-21T04:39Z",
      "publishedDate": "2011-03-03T20:00Z"
    }
  }
}

GHSA-8JMV-MMC9-GX7J

Vulnerability from github – Published: 2022-05-17 04:52 – Updated: 2022-05-17 04:52

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-0192"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-03-03T20:00:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.",
  "id": "GHSA-8jmv-mmc9-gx7j",
  "modified": "2022-05-17T04:52:35Z",
  "published": "2022-05-17T04:52:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0192"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
    },
    {
      "type": "WEB",
      "url": "http://blackberry.com/btsc/KB27244"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43585"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43593"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43664"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43934"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/44117"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/44135"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/50726"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4554"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4564"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4565"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4566"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4581"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5001"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2210"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/46658"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1025153"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0551"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0599"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0621"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0845"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0905"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0930"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0960"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-0192 (GCVE-0-2011-0192)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature