Details of VAR-201006-0134

ID

VAR-201006-0134

CVE

CVE-2010-1380

TITLE

Apple Mac OS X of cgtexttops CUPS Integer overflow vulnerability in filters

Trust: 0.8

sources: JVNDB: JVNDB-2010-001659

DESCRIPTION

Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes. Attackers can exploit this issue to execute arbitrary code with the privileges of the vulnerable application; failed attacks will result in denial-of-service conditions. This issue affects Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2010-004. The update addresses new vulnerabilities that affect the CUPS, DesktopServices, Folder Manager, Help Viewer, iChat, ImageIO, Network Authorization, Open Directory, Printer Setup, Printing, Ruby, SMB File Server, and Wiki Server components of Mac OS X. The advisory also contains security updates for 13 previously reported issues. This BID is being retired. The following individual records exist to better document the issues: 40886 Apple Mac OS X Help Viewer 'help://' URI Cross Site Scripting Vulnerability 40887 Apple Mac OS X Folder Manager Symbolic Link Handling Security Bypass Vulnerability 40888 Apple Mac OS X Prior to 10.6.4 Printer Setup (CVE-2010-1379) Remote Denial Of Service Vulnerability 40889 Apple Mac OS X CUPS Web Interface Unspecified Cross Site Request Forgery Vulnerability 40892 Apple Mac OS X Wiki Server Comment HTML Injection Vulnerability 40893 Apple Mac OS X Samba Wide Links Symbolic Link Handling Security Bypass Vulnerability 40894 Apple Mac OS X Prior to 10.6.4 ImageIO (CVE-2010-0543) Remote Code Execution Vulnerability 40895 Ruby WEBrick UTF-7 Encoding Cross Site Scripting Vulnerability 40896 Apple Mac OS X iChat Inline Image Transfer Directory Traversal Vulnerability 40897 Apple Mac OS X CUPS Web Interface Unspecified Information Disclosure Vulnerability 40898 Apple Mac OS X DesktopServices Component Insecure File Permissions Vulnerability 40901 Apple Mac OS X Network Authorization Local Privilege Escalation Vulnerability 40902 Apple Mac OS X Network Authorization URI Handler Remote Format String Vulnerability 40903 Apple Mac OS X Prior to 10.6.4 Printing (CVE-2010-1380) Integer Overflow Vulnerability 40905 Apple Mac OS X Prior to 10.6.4 Open Directory (CVE-2010-1377) Security Bypass Vulnerability

Trust: 2.25

sources: NVD: CVE-2010-1380 // JVNDB: JVNDB-2010-001659 // BID: 40903 // BID: 40871 // VULHUB: VHN-43985

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.3	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.2	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.2	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.1	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.3	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.1	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.0	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.0	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.6 to v10.6.3	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.6 to v10.6.3	Trust: 0.8
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	ne	version:	x10.6.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	ne	version:	x10.6.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5	Trust: 0.3

sources: BID: 40903 // BID: 40871 // JVNDB: JVNDB-2010-001659 // CNNVD: CNNVD-201006-291 // NVD: CVE-2010-1380

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-1380
value:	HIGH
Trust: 1.0
NVD:	CVE-2010-1380
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201006-291
value:	HIGH
Trust: 0.6
VULHUB:	VHN-43985
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2010-1380
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-43985
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-43985 // JVNDB: JVNDB-2010-001659 // CNNVD: CNNVD-201006-291 // NVD: CVE-2010-1380

PROBLEMTYPE DATA

problemtype:

CWE-189

Trust: 1.9

sources: VULHUB: VHN-43985 // JVNDB: JVNDB-2010-001659 // NVD: CVE-2010-1380

THREAT TYPE

network

Trust: 0.6

sources: BID: 40903 // BID: 40871

TYPE

digital error

Trust: 0.6

sources: CNNVD: CNNVD-201006-291

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-001659

PATCH

title:	HT4188	url:	http://support.apple.com/kb/HT4188	Trust: 0.8
title:	HT4188	url:	http://support.apple.com/kb/HT4188?viewlocale=ja_JP	Trust: 0.8
title:	Mac OS X v10.6.4 Update (Combo)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3705	Trust: 0.6
title:	Mac OS X Server v10.6.4 Update Mac mini (Mid 2010)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3709	Trust: 0.6
title:	Mac OS X v10.6.4 Update	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3704	Trust: 0.6
title:	Mac OS X Server v10.6.4 Update (Combo)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3708	Trust: 0.6
title:	Security Update 2010-004 (Leopard-Client)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3703	Trust: 0.6

sources: JVNDB: JVNDB-2010-001659 // CNNVD: CNNVD-201006-291

EXTERNAL IDS

db:	NVD	id:	CVE-2010-1380	Trust: 2.8
db:	VUPEN	id:	ADV-2010-1481	Trust: 2.5
db:	SECUNIA	id:	40220	Trust: 2.5
db:	SECTRACK	id:	1024103	Trust: 2.5
db:	BID	id:	40871	Trust: 2.0
db:	JVNDB	id:	JVNDB-2010-001659	Trust: 0.8
db:	CNNVD	id:	CNNVD-201006-291	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2010-06-15-1	Trust: 0.6
db:	BID	id:	40903	Trust: 0.4
db:	VULHUB	id:	VHN-43985	Trust: 0.1

sources: VULHUB: VHN-43985 // BID: 40903 // BID: 40871 // JVNDB: JVNDB-2010-001659 // CNNVD: CNNVD-201006-291 // NVD: CVE-2010-1380

REFERENCES

url:	http://secunia.com/advisories/40220	Trust: 2.5
url:	http://www.vupen.com/english/advisories/2010/1481	Trust: 2.5
url:	http://lists.apple.com/archives/security-announce/2010//jun/msg00001.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/40871	Trust: 1.7
url:	http://support.apple.com/kb/ht4188	Trust: 1.7
url:	http://securitytracker.com/id?1024103	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1380	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1380	Trust: 0.8
url:	http://www.securitytracker.com/id?1024103	Trust: 0.8
url:	http://www.apple.com/macosx/	Trust: 0.6

sources: VULHUB: VHN-43985 // BID: 40903 // BID: 40871 // JVNDB: JVNDB-2010-001659 // CNNVD: CNNVD-201006-291 // NVD: CVE-2010-1380

CREDITS

Apple; Adrian 'pagvac' Pastor of GNUCITIZEN, and Tim Starling; Tim Waugh; Luca Carettoni; Michi Ruepp of pianobakery.com; Clint Ruoho of Laconic Security; Kevin Finisterre of digitalmunition.com; MIT Kerberos Team; Joel Johnson, Debian, Brian Almeida; Emm

Trust: 0.6

sources: CNNVD: CNNVD-201006-291

SOURCES

db:	VULHUB	id:	VHN-43985
db:	BID	id:	40903
db:	BID	id:	40871
db:	JVNDB	id:	JVNDB-2010-001659
db:	CNNVD	id:	CNNVD-201006-291
db:	NVD	id:	CVE-2010-1380

LAST UPDATE DATE

2025-04-11T19:38:54.223000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-43985	date:	2010-06-18T00:00:00
db:	BID	id:	40903	date:	2010-06-15T00:00:00
db:	BID	id:	40871	date:	2010-06-16T21:59:00
db:	JVNDB	id:	JVNDB-2010-001659	date:	2010-07-12T00:00:00
db:	CNNVD	id:	CNNVD-201006-291	date:	2010-06-21T00:00:00
db:	NVD	id:	CVE-2010-1380	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-43985	date:	2010-06-17T00:00:00
db:	BID	id:	40903	date:	2010-06-15T00:00:00
db:	BID	id:	40871	date:	2010-06-15T00:00:00
db:	JVNDB	id:	JVNDB-2010-001659	date:	2010-07-12T00:00:00
db:	CNNVD	id:	CNNVD-201006-291	date:	2010-06-21T00:00:00
db:	NVD	id:	CVE-2010-1380	date:	2010-06-17T16:30:01.700