CVE-2011-3224Apple MAC OS X vulnerability

3 documents3 sources
Severity
2.6LOWNVD
EPSS
0.5%
top 32.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedOct 14
Latest updateMay 17

Description

The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x_server10.6.8+65
NVDapple/mac_os_x10.6.8+65

🔴Vulnerability Details

2
GHSA
GHSA-r83g-q654-9mvf: The User Documentation component in Apple Mac OS X through 102022-05-17
CVEList
CVE-2011-3224: The User Documentation component in Apple Mac OS X through 102011-10-14
CVE-2011-3224 — Apple MAC OS X vulnerability | cvebase