Vulnerability Description
Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | 10.2.8 |
| Apple | Mac Os X Server | 10.2.8 |
References
- http://secunia.com/advisories/12491/
- http://www.ciac.org/ciac/bulletins/o-212.shtml
- http://www.kb.cert.org/vuls/id/545446US Government Resource
- http://www.securityfocus.com/advisories/7148
- http://www.securityfocus.com/bid/11136
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17295
- http://secunia.com/advisories/12491/
- http://www.ciac.org/ciac/bulletins/o-212.shtml
- http://www.kb.cert.org/vuls/id/545446US Government Resource
- http://www.securityfocus.com/advisories/7148
- http://www.securityfocus.com/bid/11136
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17295
FAQ
What is CVE-2004-0822?
CVE-2004-0822 is a vulnerability with a CVSS score of 7.2 (HIGH). Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable.
How severe is CVE-2004-0822?
CVE-2004-0822 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0822?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Mac Os X Server.