cvelistv5 - cve-2011-0191

CVE-2011-0191 (GCVE-0-2011-0191)

Vulnerability from cvelistv5

Published

2011-03-03 19:00

Modified

2024-08-06 21:43

Severity ?

CWE

Summary

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0845	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT4564	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://support.apple.com/kb/HT4565	x_refsource_CONFIRM
	http://secunia.com/advisories/43934	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4566	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2210	vendor-advisory, x_refsource_DEBIAN
	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	vendor-advisory, x_refsource_APPLE
	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/46657	vdb-entry, x_refsource_BID
	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4554	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:064	vendor-advisory, x_refsource_MANDRIVA
	http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html	vendor-advisory, x_refsource_APPLE
	http://www.vupen.com/english/advisories/2011/0859	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT4581	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.384Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0845",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4564"
          },
          {
            "name": "SUSE-SR:2011:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4565"
          },
          {
            "name": "43934",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43934"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "DSA-2210",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2210"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "46657",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46657"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-03-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "APPLE-SA-2011-03-09-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "MDVSA-2011:064",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:064"
          },
          {
            "name": "APPLE-SA-2011-03-09-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
          },
          {
            "name": "ADV-2011-0859",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0859"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-02-10T16:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "ADV-2011-0845",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4564"
        },
        {
          "name": "SUSE-SR:2011:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4565"
        },
        {
          "name": "43934",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43934"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4566"
        },
        {
          "name": "DSA-2210",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2210"
        },
        {
          "name": "APPLE-SA-2011-03-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "name": "46657",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46657"
        },
        {
          "name": "APPLE-SA-2011-03-02-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-03-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4554"
        },
        {
          "name": "APPLE-SA-2011-03-09-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
        },
        {
          "name": "MDVSA-2011:064",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:064"
        },
        {
          "name": "APPLE-SA-2011-03-09-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
        },
        {
          "name": "ADV-2011-0859",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0859"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4581"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0191",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2011-0845",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0845"
            },
            {
              "name": "http://support.apple.com/kb/HT4564",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4564"
            },
            {
              "name": "SUSE-SR:2011:009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4565",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4565"
            },
            {
              "name": "43934",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43934"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "DSA-2210",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2210"
            },
            {
              "name": "APPLE-SA-2011-03-21-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "46657",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46657"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-03-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "APPLE-SA-2011-03-09-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
            },
            {
              "name": "MDVSA-2011:064",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:064"
            },
            {
              "name": "APPLE-SA-2011-03-09-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
            },
            {
              "name": "ADV-2011-0859",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0859"
            },
            {
              "name": "http://support.apple.com/kb/HT4581",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4581"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0191",
    "datePublished": "2011-03-03T19:00:00.000Z",
    "dateReserved": "2010-12-23T00:00:00.000Z",
    "dateUpdated": "2024-08-06T21:43:15.384Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2011-AVI-151

Vulnerability from certfr_avis

De multiples vulnérabilités affectent Apple iOS versions 4.2 et antérieures. Certaines permettent l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Apple iOS, notamment dans :

CoreGraphics ;
ImageIO ;
libxml ;
Networking ;
Safari ;
WebKit ;
Wi-Fi.

Parmis ces vulnérabilités, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS 4.2.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4564 du 09 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple iOS 4.2.1 et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Apple iOS, notamment dans :\n\n-   CoreGraphics ;\n-   ImageIO ;\n-   libxml ;\n-   Networking ;\n-   Safari ;\n-   WebKit ;\n-   Wi-Fi.\n\nParmis ces vuln\u00e9rabilit\u00e9s, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0163"
    },
    {
      "name": "CVE-2010-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1792"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2011-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0160"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0158"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0161"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2010-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3855"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0162"
    },
    {
      "name": "CVE-2011-0159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0159"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0157"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-11T00:00:00",
  "last_revision_date": "2011-03-11T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-151",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s affectent Apple iOS versions 4.2 et\nant\u00e9rieures. Certaines permettent l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4564 du 09 mars 2011",
      "url": "http://support.apple.com/kb/HT4564"
    }
  ]
}

CERTA-2011-AVI-150

Vulnerability from certfr_avis

De multiples vulnérabilités permettant l'exécution de code arbitraire ont été corrigées dans Apple Safari.

Description

De multiples vulnérabilités ont été corrigées dans Apple Safari pour Microsoft Windows et Mac OS X. Celles-ci permettent l'exécution de code arbitraire à distance par l'intermédiaire d'une page Web spécialement conçue.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La version 5.0.4 de Apple Safari corrige ces vulnérabilités. Cette nouvelle version integre une mise à jour de la libpng en version 1.4.3.

Apple Safari versions antérieures à 5.0.4.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4566 du 09 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple Safari versions ant\u00e9rieures \u00e0  5.0.4.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari pour\nMicrosoft Windows et Mac OS X. Celles-ci permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance par l\u0027interm\u00e9diaire d\u0027une page Web sp\u00e9cialement\ncon\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nLa version 5.0.4 de Apple Safari corrige ces vuln\u00e9rabilit\u00e9s. Cette\nnouvelle version integre une mise \u00e0 jour de la libpng en version 1.4.3.\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0163"
    },
    {
      "name": "CVE-2011-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0169"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0160"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0161"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2011-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0166"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0167"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-11T00:00:00",
  "last_revision_date": "2011-03-11T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-150",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de code arbitraire\nont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4566 du 09 mars 2011",
      "url": "http://support.apple.com/kb/HT4566"
    }
  ]
}

CERTA-2011-AVI-134

Vulnerability from certfr_avis

Plusieurs vulnérabilités dans le lecteur multimédia iTunes d'Apple permettent à une personne distante malintentionnée de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

De multiples vulnérabilités dans iTunes ont été corrigées. Un individu malveillant peut exploiter ces vulnérabilités afin de provoquer l'arrêt inoppinée de l'application ou d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

iTunes 10.2.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4554 du 02 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eiTunes 10.2.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans iTunes ont \u00e9t\u00e9 corrig\u00e9es. Un individu\nmalveillant peut exploiter ces vuln\u00e9rabilit\u00e9s afin de provoquer l\u0027arr\u00eat\ninoppin\u00e9e de l\u0027application ou d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0164"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-04T00:00:00",
  "last_revision_date": "2011-03-04T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-134",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans le lecteur multim\u00e9dia iTunes d\u0027Apple\npermettent \u00e0 une personne distante malintentionn\u00e9e de provoquer un d\u00e9ni\nde service ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4554 du 02 mars 2011",
      "url": "http://support.apple.com/kb/HT4554"
    }
  ]
}

CERTA-2011-AVI-162

Vulnerability from certfr_avis

De nombreuses vulnérabilités ont été corrigées dans Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X, notamment :

Airport ;
AppleScript ;
ATS ;
CarbonCore ;
CoreText ;
File Quarantine ;
HFS ;
ImageIO ;
ImageRaw ;
Installer ;
Kernel ;
Libinfo ;
Libxml ;
QuickLook ;
QuickTime ;
Terminal.

Cette mise à jour corrige également un grand nombre de vulnérabilités dans des logiciels inclus au système d'exploitation comme Apache, ClamAV, Kerberos, Mailman, PHP, Ruby, Samba, Subversion et X11. Parmi les failles corrigées, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X Server 10.6.x.
N/A	N/A	Mac OS X Server 10.5.8 ;
N/A	N/A	Mac OS X 10.6.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4581 du 21 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X, notamment :\n\n-   Airport ;\n-   AppleScript ;\n-   ATS ;\n-   CarbonCore ;\n-   CoreText ;\n-   File Quarantine ;\n-   HFS ;\n-   ImageIO ;\n-   ImageRaw ;\n-   Installer ;\n-   Kernel ;\n-   Libinfo ;\n-   Libxml ;\n-   QuickLook ;\n-   QuickTime ;\n-   Terminal.\n\nCette mise \u00e0 jour corrige \u00e9galement un grand nombre de vuln\u00e9rabilit\u00e9s\ndans des logiciels inclus au syst\u00e8me d\u0027exploitation comme Apache,\nClamAV, Kerberos, Mailman, PHP, Ruby, Samba, Subversion et X11. Parmi\nles failles corrig\u00e9es, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2010-3089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3089"
    },
    {
      "name": "CVE-2010-3870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3870"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2010-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3709"
    },
    {
      "name": "CVE-2010-4020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4020"
    },
    {
      "name": "CVE-2011-0172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0172"
    },
    {
      "name": "CVE-2011-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0181"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2010-3710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3710"
    },
    {
      "name": "CVE-2011-0183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0183"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2011-0182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0182"
    },
    {
      "name": "CVE-2010-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2068"
    },
    {
      "name": "CVE-2010-1452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1452"
    },
    {
      "name": "CVE-2010-4021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4021"
    },
    {
      "name": "CVE-2011-0173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0173"
    },
    {
      "name": "CVE-2010-0405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0405"
    },
    {
      "name": "CVE-2010-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2950"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2011-0186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0186"
    },
    {
      "name": "CVE-2011-0178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0178"
    },
    {
      "name": "CVE-2010-3802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3802"
    },
    {
      "name": "CVE-2010-4409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4409"
    },
    {
      "name": "CVE-2011-0190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0190"
    },
    {
      "name": "CVE-2011-1417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1417"
    },
    {
      "name": "CVE-2010-3801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3801"
    },
    {
      "name": "CVE-2010-4479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4479"
    },
    {
      "name": "CVE-2011-0188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0188"
    },
    {
      "name": "CVE-2010-3814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3814"
    },
    {
      "name": "CVE-2010-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3855"
    },
    {
      "name": "CVE-2011-0180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0180"
    },
    {
      "name": "CVE-2010-1324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1324"
    },
    {
      "name": "CVE-2011-0174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0174"
    },
    {
      "name": "CVE-2011-0189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0189"
    },
    {
      "name": "CVE-2006-7243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7243"
    },
    {
      "name": "CVE-2010-4261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4261"
    },
    {
      "name": "CVE-2010-3434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3434"
    },
    {
      "name": "CVE-2010-4260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4260"
    },
    {
      "name": "CVE-2010-3315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3315"
    },
    {
      "name": "CVE-2011-0184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0184"
    },
    {
      "name": "CVE-2011-0179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0179"
    },
    {
      "name": "CVE-2010-3069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3069"
    },
    {
      "name": "CVE-2011-0177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0177"
    },
    {
      "name": "CVE-2010-1323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1323"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
    },
    {
      "name": "CVE-2011-0194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0194"
    },
    {
      "name": "CVE-2011-0175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0175"
    },
    {
      "name": "CVE-2010-4150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4150"
    },
    {
      "name": "CVE-2011-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0193"
    },
    {
      "name": "CVE-2011-0176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0176"
    },
    {
      "name": "CVE-2010-4009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4009"
    }
  ],
  "initial_release_date": "2011-03-22T00:00:00",
  "last_revision_date": "2011-03-22T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-162",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Mac OS X. Leur\nexploitation permet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4581 du 21 mars 2011",
      "url": "http://support.apple.com/kb/HT4581"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2011-0191 (GCVE-0-2011-0191)

Vulnerability from cvelistv5

CERTA-2011-AVI-151

Vulnerability from certfr_avis

Description

Solution

CERTA-2011-AVI-150

Vulnerability from certfr_avis

Description

Solution

CERTA-2011-AVI-134

Vulnerability from certfr_avis

Description

Solution

CERTA-2011-AVI-162

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature