1. Home
  2. CVE Database
  3. CVE-2011-0200
MEDIUM · 6.8

CVE-2011-0200

Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embed...

Vulnerability Description

Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
AppleMac Os X10.6.0
AppleMac Os X Server10.6.0

Related Weaknesses (CWE)

CWE-189

References

FAQ

What is CVE-2011-0200?

CVE-2011-0200 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embed...

How severe is CVE-2011-0200?

CVE-2011-0200 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-0200?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Mac Os X Server.