Sign-up

ID

VAR-201001-0701


CVE

CVE-2010-0037


TITLE

Apple Mac OS X of Image RAW Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2010-001042

DESCRIPTION

Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. The following versions are affected: Mac OS X 10.5.8 and prior Mac OS X Server 10.5.8 and prior Mac OS X 10.6.2 and prior Mac OS X Server 10.6.2 and prior. Users who are tricked into opening malicious DNG graphics can cause denial of service or execute arbitrary commands. 1) A boundary error in CoreAudio can be exploited to cause a buffer overflow via a specially crafted mp4 audio file. 2) An error in CUPS can be exploited to cause a DoS (Denial of Service). For more information: SA37364 3) Multiple vulnerabilities in the Flash Player plug-in can be exploited to gain knowledge of system information or compromise a user's system. For more information: SA37584 4) A vulnerability in ImageIO can be exploited to cause a DoS or to potentially compromise a user's system. 6) A vulnerability in OpenSSL can be exploited to manipulate certain data. For more information: SA37291 SOLUTION: Apply Security Update 2010-001. Security Update 2010-001 (Snow Leopard): http://support.apple.com/kb/DL994 Security Update 2010-001 Server (Leopard): http://support.apple.com/kb/DL992 Security Update 2010-001 Client (Leopard): http://support.apple.com/kb/DL993 PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Tobias Klein, trapkit.de 3) Damian Put, TippingPoints Zero Day Initiative, Bing Liu of Fortinet's FortiGuard Global Security Research Team, Will Dormann of CERT, Manuel Caballero and Microsoft Vulnerability Research (MSVR) 5) Jason Carr, Carnegie Mellon University Computing Services 6) Steve Dispensa and Marsh Ray, PhoneFactor, Inc. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4004 OTHER REFERENCES: SA35515: http://secunia.com/advisories/35515/ SA37291: http://secunia.com/advisories/37291/ SA37364: http://secunia.com/advisories/37364/ SA37584: http://secunia.com/advisories/37584/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2010-0037 // JVNDB: JVNDB-2010-001042 // BID: 37869 // VULHUB: VHN-42642 // PACKETSTORM: 85459

AFFECTED PRODUCTS

vendor:applemodel:mac os x serverscope:eqversion:10.6.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.6.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.5.8

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.5.8

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6.2

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.2

Trust: 0.8

vendor:applemodel:mac os serverscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.3

sources: BID: 37869 // JVNDB: JVNDB-2010-001042 // CNNVD: CNNVD-201001-200 // NVD: CVE-2010-0037

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-0037
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2010-0037
value: HIGH

Trust: 1.0

NVD: CVE-2010-0037
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201001-200
value: CRITICAL

Trust: 0.6

VULHUB: VHN-42642
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-0037
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-42642
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2010-0037
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-42642 // JVNDB: JVNDB-2010-001042 // CNNVD: CNNVD-201001-200 // NVD: CVE-2010-0037 // NVD: CVE-2010-0037

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-42642 // JVNDB: JVNDB-2010-001042 // NVD: CVE-2010-0037

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201001-200

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201001-200

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-001042

PATCH
title:HT4004url:http://support.apple.com/kb/HT4004
Trust: 0.8
title:HT4004url:http://support.apple.com/kb/HT4004?viewlocale=ja_JP
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-001042

EXTERNAL IDS
db:NVDid:CVE-2010-0037
Trust: 2.8
db:BIDid:37869
Trust: 2.8
db:SECUNIAid:38241
Trust: 2.6
db:VUPENid:ADV-2010-0173
Trust: 2.5
db:SECTRACKid:1023473
Trust: 2.5
db:XFid:55747
Trust: 1.4
db:JVNDBid:JVNDB-2010-001042
Trust: 0.8
db:APPLEid:APPLE-SA-2010-01-19-1
Trust: 0.6
db:NSFOCUSid:14374
Trust: 0.6
db:CNNVDid:CNNVD-201001-200
Trust: 0.6
db:VULHUBid:VHN-42642
Trust: 0.1
db:PACKETSTORMid:85459
Trust: 0.1
sources:
            
            
            VULHUB: VHN-42642 // 
            
            
            
            BID: 37869 // 
            
            
            
            JVNDB: JVNDB-2010-001042 // 
            
            
            
            PACKETSTORM: 85459 // 
            
            
            
            CNNVD: CNNVD-201001-200 // 
            
            
            
            NVD: CVE-2010-0037

REFERENCES
url:http://www.securityfocus.com/bid/37869
Trust: 2.5
url:http://www.securitytracker.com/id?1023473
Trust: 2.5
url:http://secunia.com/advisories/38241
Trust: 2.5
url:http://www.vupen.com/english/advisories/2010/0173
Trust: 2.5
url:http://support.apple.com/kb/ht4004
Trust: 1.8
url:http://lists.apple.com/archives/security-announce/2010/jan/msg00000.html
Trust: 1.7
url:http://xforce.iss.net/xforce/xfdb/55747
Trust: 1.4
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/55747
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0037
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0037
Trust: 0.8
url:http://www.nsfocus.net/vulndb/14374
Trust: 0.6
url:http://www.apple.com/macosx/
Trust: 0.3
url:http://secunia.com/advisories/38241/
Trust: 0.1
url:http://secunia.com/advisories/37364/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://support.apple.com/kb/dl993
Trust: 0.1
url:http://secunia.com/blog/71/
Trust: 0.1
url:http://support.apple.com/kb/dl994
Trust: 0.1
url:http://support.apple.com/kb/dl992
Trust: 0.1
url:http://secunia.com/advisories/35515/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/37291/
Trust: 0.1
url:http://secunia.com/advisories/37584/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-42642 // 
            
            
            
            BID: 37869 // 
            
            
            
            JVNDB: JVNDB-2010-001042 // 
            
            
            
            PACKETSTORM: 85459 // 
            
            
            
            CNNVD: CNNVD-201001-200 // 
            
            
            
            NVD: CVE-2010-0037

CREDITS
Jason Carr
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201001-200

SOURCES
db:VULHUBid:VHN-42642
db:BIDid:37869
db:JVNDBid:JVNDB-2010-001042
db:PACKETSTORMid:85459
db:CNNVDid:CNNVD-201001-200
db:NVDid:CVE-2010-0037

LAST UPDATE DATE
2025-04-11T21:08:58.240000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-42642date:2017-08-17T00:00:00
db:BIDid:37869date:2010-01-19T00:00:00
db:JVNDBid:JVNDB-2010-001042date:2010-02-16T00:00:00
db:CNNVDid:CNNVD-201001-200date:2010-01-23T00:00:00
db:NVDid:CVE-2010-0037date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-42642date:2010-01-20T00:00:00
db:BIDid:37869date:2010-01-19T00:00:00
db:JVNDBid:JVNDB-2010-001042date:2010-02-16T00:00:00
db:PACKETSTORMid:85459date:2010-01-20T06:30:55
db:CNNVDid:CNNVD-201001-200date:2010-01-20T00:00:00
db:NVDid:CVE-2010-0037date:2010-01-20T16:30:00.413