ID
VAR-200911-0264
CVE
CVE-2009-2835
TITLE
Apple Mac OS X of Kernel Vulnerability gained in
Trust: 0.8
sources:
JVNDB: JVNDB-2009-002337
DESCRIPTION
The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors. Apple Mac OS X kernel is prone to multiple vulnerabilities. Successfully exploiting these issues may allow local attackers to execute arbitrary code with kernel-level privileges, to completely compromise affected computers, to obtain sensitive information, and to trigger denial-of-service conditions. NOTE: These issues were previously covered in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but have been assigned their own record to better document them
Trust: 2.25
sources:
NVD: CVE-2009-2835 //
JVNDB: JVNDB-2009-002337 //
BID: 36983 //
BID: 36956 //
VULHUB: VHN-40281
AFFECTED PRODUCTS
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.1.2 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.0 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.0.3 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.0.2 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.0.0 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.0.4 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.1.1 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.1 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.0.1 | Trust: 1.6 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.1.3 | Trust: 1.6 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.1.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.11 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.1.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.10 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.11 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.10 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.9 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.9 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.8 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.9 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.1.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.9 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | lte | version: | 10.6.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | lte | version: | 10.6.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.1.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.2.1 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.3.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.0.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.4.6 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.5.0 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.2.7 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.4.4 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3 | Trust: 1.0 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | 10.3.2 | Trust: 1.0 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | v10.6 | Trust: 0.8 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | v10.6.1 | Trust: 0.8 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | v10.6 | Trust: 0.8 |
| vendor: | apple | model: | mac os x server | scope: | eq | version: | v10.6.1 | Trust: 0.8 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.6.1 | Trust: 0.6 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.6 | Trust: 0.6 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.6.1 | Trust: 0.6 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.6 | Trust: 0.6 |
| vendor: | apple | model: | mac os server | scope: | ne | version: | x10.6.2 | Trust: 0.6 |
| vendor: | apple | model: | mac os | scope: | ne | version: | x10.6.2 | Trust: 0.6 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os server | scope: | eq | version: | x10.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5 | Trust: 0.3 |
sources:
BID: 36983 //
BID: 36956 //
JVNDB: JVNDB-2009-002337 //
CNNVD: CNNVD-200911-110 //
NVD: CVE-2009-2835
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
VULHUB: VHN-40281 //
JVNDB: JVNDB-2009-002337 //
CNNVD: CNNVD-200911-110 //
NVD: CVE-2009-2835
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
sources:
VULHUB: VHN-40281 //
JVNDB: JVNDB-2009-002337 //
NVD: CVE-2009-2835
THREAT TYPE
local
Trust: 0.9
sources:
BID: 36983 //
CNNVD: CNNVD-200911-110
TYPE
input validation
Trust: 0.6
sources:
CNNVD: CNNVD-200911-110
CONFIGURATIONS
sources:
JVNDB: JVNDB-2009-002337
PATCH
| title: | HT3937 | url: | http://support.apple.com/kb/HT3937 | Trust: 0.8 |
| title: | HT3937 | url: | http://support.apple.com/kb/HT3937?viewlocale=ja_JP | Trust: 0.8 |
sources:
JVNDB: JVNDB-2009-002337
EXTERNAL IDS
| db: | NVD | id: | CVE-2009-2835 | Trust: 2.8 |
| db: | VUPEN | id: | ADV-2009-3184 | Trust: 2.5 |
| db: | BID | id: | 36956 | Trust: 2.0 |
| db: | JVNDB | id: | JVNDB-2009-002337 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-200911-110 | Trust: 0.7 |
| db: | APPLE | id: | APPLE-SA-2009-11-09-1 | Trust: 0.6 |
| db: | BID | id: | 36983 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-40281 | Trust: 0.1 |
sources:
VULHUB: VHN-40281 //
BID: 36983 //
BID: 36956 //
JVNDB: JVNDB-2009-002337 //
CNNVD: CNNVD-200911-110 //
NVD: CVE-2009-2835
REFERENCES
| url: | http://www.vupen.com/english/advisories/2009/3184 | Trust: 2.5 |
| url: | http://lists.apple.com/archives/security-announce/2009/nov/msg00000.html | Trust: 1.7 |
| url: | http://www.securityfocus.com/bid/36956 | Trust: 1.7 |
| url: | http://support.apple.com/kb/ht3937 | Trust: 1.7 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2835 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2835 | Trust: 0.8 |
| url: | http://software.cisco.com/download/navigator.html?mdfid=283613663 | Trust: 0.3 |
| url: | http://www.apple.com/macosx/ | Trust: 0.3 |
sources:
VULHUB: VHN-40281 //
BID: 36983 //
BID: 36956 //
JVNDB: JVNDB-2009-002337 //
CNNVD: CNNVD-200911-110 //
NVD: CVE-2009-2835
CREDITS
Brian MastenbrookRegis DuchesneNicolas Joly
Trust: 0.6
sources:
CNNVD: CNNVD-200911-110
SOURCES
| db: | VULHUB | id: | VHN-40281 |
| db: | BID | id: | 36983 |
| db: | BID | id: | 36956 |
| db: | JVNDB | id: | JVNDB-2009-002337 |
| db: | CNNVD | id: | CNNVD-200911-110 |
| db: | NVD | id: | CVE-2009-2835 |
LAST UPDATE DATE
2025-04-10T20:23:16.497000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-40281 | date: | 2009-11-17T00:00:00 |
| db: | BID | id: | 36983 | date: | 2009-11-11T20:26:00 |
| db: | BID | id: | 36956 | date: | 2009-11-11T20:56:00 |
| db: | JVNDB | id: | JVNDB-2009-002337 | date: | 2009-12-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-200911-110 | date: | 2009-11-10T00:00:00 |
| db: | NVD | id: | CVE-2009-2835 | date: | 2025-04-09T00:30:58.490 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-40281 | date: | 2009-11-10T00:00:00 |
| db: | BID | id: | 36983 | date: | 2009-11-09T00:00:00 |
| db: | BID | id: | 36956 | date: | 2009-11-09T00:00:00 |
| db: | JVNDB | id: | JVNDB-2009-002337 | date: | 2009-12-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-200911-110 | date: | 2009-11-10T00:00:00 |
| db: | NVD | id: | CVE-2009-2835 | date: | 2009-11-10T19:30:01.517 |