CVE-2012-3723

CWE-119Buffer Overflow3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 77.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedSep 20
Latest updateMay 17

Description

Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

NVDapple/mac_os_x10.7.4+70
NVDapple/mac_os_x_server10.7.4+70

🔴Vulnerability Details

2
GHSA
GHSA-9668-gp9w-hwrf: Apple Mac OS X before 102022-05-17
CVEList
CVE-2012-3723: Apple Mac OS X before 102012-09-20
CVE-2012-3723 (MEDIUM CVSS 4.6) | Apple Mac OS X before 10.7.5 does n | cvebase.io