mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
112 lines
4.2 KiB
JSON
112 lines
4.2 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2011-1417",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a crafted size field in the OfficeArtMetafileHeader, related to OfficeArtBlip, as demonstrated on the iPhone by Charlie Miller and Dion Blazakis during a Pwn2Own competition at CanSecWest 2011."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "APPLE-SA-2011-03-21-1",
|
|
"refsource": "APPLE",
|
|
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
|
|
},
|
|
{
|
|
"name": "APPLE-SA-2011-04-14-2",
|
|
"refsource": "APPLE",
|
|
"url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
|
|
},
|
|
{
|
|
"name": "APPLE-SA-2011-10-12-5",
|
|
"refsource": "APPLE",
|
|
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00005.html"
|
|
},
|
|
{
|
|
"name": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011",
|
|
"refsource": "MISC",
|
|
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
|
|
},
|
|
{
|
|
"name": "http://support.apple.com/kb/HT4607",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://support.apple.com/kb/HT4607"
|
|
},
|
|
{
|
|
"name": "APPLE-SA-2011-04-14-1",
|
|
"refsource": "APPLE",
|
|
"url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
|
|
},
|
|
{
|
|
"name": "http://support.apple.com/kb/HT5003",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://support.apple.com/kb/HT5003"
|
|
},
|
|
{
|
|
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-109/",
|
|
"refsource": "MISC",
|
|
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-109/"
|
|
},
|
|
{
|
|
"name": "44154",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/44154"
|
|
},
|
|
{
|
|
"name": "http://www.zdnet.com/blog/security/charlie-miller-wins-pwn2own-again-with-iphone-4-exploit/8378",
|
|
"refsource": "MISC",
|
|
"url": "http://www.zdnet.com/blog/security/charlie-miller-wins-pwn2own-again-with-iphone-4-exploit/8378"
|
|
},
|
|
{
|
|
"name": "http://support.apple.com/kb/HT4581",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://support.apple.com/kb/HT4581"
|
|
}
|
|
]
|
|
}
|
|
} |