CVE-2001-1411 — Use of Externally-Controlled Format String in Apple MAC OS X

2 documents2 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 76.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedNov 17

Latest updateApr 30

Description

Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/mac_os_x10.4.9

🔴Vulnerability Details

GHSA

GHSA-4v63-pgpj-7w24: Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs↗2022-04-30

▶