ID

VAR-201011-0153


CVE

CVE-2010-3785


TITLE

Apple Mac OS X of QuickLook Vulnerable to buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2010-002429

DESCRIPTION

Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document. Apple Mac OS X is prone to a buffer-overflow vulnerability that affects the QuickLook feature. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This issue affects Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X 10.6 to 10.6.4 and Mac OS X Server 10.6 to 10.6.4. NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. CVE-ID CVE-2010-3786 : Tobias Klein, working with VeriSign iDefense Labs Numbers for iOS v1.5 is available for download via the App Store. To check the current version of software, select "Settings -> Numbers -> Version". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-20-2 iWork 9.1 Update iWork 9.1 Update is now available and addresses the following: Numbers Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-3785 : Apple Numbers Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-3786 : Tobias Klein, working with VeriSign iDefense Labs Pages Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Microsoft Word document may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of Microsoft Word documents. Opening a maliciously crafted Microsoft Word document in Pages may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-1417 : Charlie Miller and Dion Blazakis working with TippingPoint's Zero Day Initiative iWork 9.1 Update is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: iWork9.1Update.dmg Its SHA-1 digest is: ecb38db74d7d1954cbcee9220c73dac85cace3e1 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJOKcGrAAoJEGnF2JsdZQeewcYH/RhHdLa6x14PX+ZTC+sm1Mjc W1xBpOxMuBpAx3Li6INXXLvMablTgPIs5e3pbtsV0RYtsJy99JdPySPI8bpQu0Si CVWuXXSBYy2gdTtRAf6MI3j+oOyM1JhE7GunLBWcmAzv5TxS8TRf0HtNErFEe8NA StV8QBWLErNyHxqjUQsIb5d1KbIbOysFQZy3O6pyZ6SRwr8tlIPKnY4KsaDYS5Ry tpv3lMysde5NqCy8BeOQEtW/WAmE7i9NCCNfU2L+OfGQOXIdXmKl7Orjj+d9l23L umGo9GCACvBVO1Ot6jKDlCW+ZuDRGuz+fhQnwOdyoqtwUwiNCsS6VIwuYYrcmxw= =wrny -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2010-3785 // JVNDB: JVNDB-2010-002429 // BID: 44812 // VULHUB: VHN-46390 // VULMON: CVE-2010-3785 // PACKETSTORM: 105743 // PACKETSTORM: 103386

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.6.2

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.6.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.6.1

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.5.8

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.6.3

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.6.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.6.1

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.5.8

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.6.0

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.6.0

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.6.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.6.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6 to v10.6.4

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6 to v10.6.4

Trust: 0.8

vendor:applemodel:iworkscope:eqversion:9.0 to 9.0.5

Trust: 0.8

vendor:applemodel:numbers for iosscope:eqversion:0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:iworkscope:eqversion:9.0.5

Trust: 0.3

vendor:applemodel:iworkscope:eqversion:9.0.4

Trust: 0.3

vendor:applemodel:iworkscope:eqversion:9.0.3

Trust: 0.3

vendor:applemodel:iworkscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:iworkscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:iworkscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:numbers for iosscope:neversion:1.5

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.6.5

Trust: 0.3

vendor:applemodel:iworkscope:neversion:9.1

Trust: 0.3

sources: BID: 44812 // JVNDB: JVNDB-2010-002429 // CNNVD: CNNVD-201011-171 // NVD: CVE-2010-3785

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-3785
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-3785
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201011-171
value: MEDIUM

Trust: 0.6

VULHUB: VHN-46390
value: MEDIUM

Trust: 0.1

VULMON: CVE-2010-3785
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-3785
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-46390
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-46390 // VULMON: CVE-2010-3785 // JVNDB: JVNDB-2010-002429 // CNNVD: CNNVD-201011-171 // NVD: CVE-2010-3785

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-46390 // JVNDB: JVNDB-2010-002429 // NVD: CVE-2010-3785

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201011-171

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201011-171

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-002429

PATCH

title:HT4435url:http://support.apple.com/kb/HT4435

Trust: 0.8

title:HT4830url:http://support.apple.com/kb/HT4830

Trust: 0.8

title:HT4435url:http://support.apple.com/kb/HT4435?viewlocale=ja_JP

Trust: 0.8

title:HT4830url:http://support.apple.com/kb/HT4830?viewlocale=ja_JP

Trust: 0.8

sources: JVNDB: JVNDB-2010-002429

EXTERNAL IDS

db:NVDid:CVE-2010-3785

Trust: 3.1

db:SECTRACKid:1024723

Trust: 1.2

db:JVNDBid:JVNDB-2010-002429

Trust: 0.8

db:CNNVDid:CNNVD-201011-171

Trust: 0.7

db:APPLEid:APPLE-SA-2010-11-10-1

Trust: 0.6

db:NSFOCUSid:17342

Trust: 0.6

db:BIDid:44812

Trust: 0.4

db:PACKETSTORMid:103386

Trust: 0.2

db:PACKETSTORMid:105743

Trust: 0.2

db:SEEBUGid:SSVID-20774

Trust: 0.1

db:VULHUBid:VHN-46390

Trust: 0.1

db:VULMONid:CVE-2010-3785

Trust: 0.1

sources: VULHUB: VHN-46390 // VULMON: CVE-2010-3785 // BID: 44812 // JVNDB: JVNDB-2010-002429 // PACKETSTORM: 105743 // PACKETSTORM: 103386 // CNNVD: CNNVD-201011-171 // NVD: CVE-2010-3785

REFERENCES

url:http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html

Trust: 1.8

url:http://support.apple.com/kb/ht4435

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2011//oct/msg00006.html

Trust: 1.2

url:http://support.apple.com/kb/ht5004

Trust: 1.2

url:http://www.securitytracker.com/id?1024723

Trust: 1.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3785

Trust: 0.8

url:http://jvn.jp/cert/jvnvu331391

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3785

Trust: 0.8

url:http://www.nsfocus.net/vulndb/17342

Trust: 0.6

url:http://www.apple.com/macosx/

Trust: 0.3

url:http://www.securityfocus.com/advisories/20899

Trust: 0.3

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2010-3785

Trust: 0.2

url:http://support.apple.com/kb/ht1222

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2010-3786

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://www.rapid7.com/db/vulnerabilities/apple-osx-quicklook-cve-2010-3785

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://www.apple.com/support/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1417

Trust: 0.1

sources: VULHUB: VHN-46390 // VULMON: CVE-2010-3785 // BID: 44812 // JVNDB: JVNDB-2010-002429 // PACKETSTORM: 105743 // PACKETSTORM: 103386 // CNNVD: CNNVD-201011-171 // NVD: CVE-2010-3785

CREDITS

Apple

Trust: 0.5

sources: BID: 44812 // PACKETSTORM: 105743 // PACKETSTORM: 103386

SOURCES

db:VULHUBid:VHN-46390
db:VULMONid:CVE-2010-3785
db:BIDid:44812
db:JVNDBid:JVNDB-2010-002429
db:PACKETSTORMid:105743
db:PACKETSTORMid:103386
db:CNNVDid:CNNVD-201011-171
db:NVDid:CVE-2010-3785

LAST UPDATE DATE

2025-04-11T19:52:16.761000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-46390date:2011-10-21T00:00:00
db:VULMONid:CVE-2010-3785date:2011-10-21T00:00:00
db:BIDid:44812date:2011-10-12T20:10:00
db:JVNDBid:JVNDB-2010-002429date:2011-08-08T00:00:00
db:CNNVDid:CNNVD-201011-171date:2010-11-18T00:00:00
db:NVDid:CVE-2010-3785date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:VULHUBid:VHN-46390date:2010-11-16T00:00:00
db:VULMONid:CVE-2010-3785date:2010-11-16T00:00:00
db:BIDid:44812date:2010-11-10T00:00:00
db:JVNDBid:JVNDB-2010-002429date:2010-12-01T00:00:00
db:PACKETSTORMid:105743date:2011-10-13T02:45:25
db:PACKETSTORMid:103386date:2011-07-25T19:31:02
db:CNNVDid:CNNVD-201011-171date:2010-11-18T00:00:00
db:NVDid:CVE-2010-3785date:2010-11-16T22:00:16.023