Details of VAR-201101-0033

ID

VAR-201101-0033

CVE

CVE-2011-0639

TITLE

Apple of Mac OS X Vulnerable to arbitrary program execution

Trust: 0.8

sources: JVNDB: JVNDB-2011-004185

DESCRIPTION

Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer. Apple Mac OS X is a dedicated operating system developed by Apple for Mac computers. A user-assisted attacker can execute arbitrary programs with the help of specially crafted USB data

Trust: 1.71

sources: NVD: CVE-2011-0639 // JVNDB: JVNDB-2011-004185 // VULHUB: VHN-48584

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	-	version:	-	Trust: 1.4
vendor:	apple	model:	mac os x	scope:	eq	version:	*	Trust: 1.0

sources: JVNDB: JVNDB-2011-004185 // CNNVD: CNNVD-201101-355 // NVD: CVE-2011-0639

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-0639
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-0639
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201101-355
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-48584
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-0639
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-48584
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-48584 // JVNDB: JVNDB-2011-004185 // CNNVD: CNNVD-201101-355 // NVD: CVE-2011-0639

PROBLEMTYPE DATA

problemtype:

CWE-16

Trust: 1.9

sources: VULHUB: VHN-48584 // JVNDB: JVNDB-2011-004185 // NVD: CVE-2011-0639

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201101-355

TYPE

configuration error

Trust: 0.6

sources: CNNVD: CNNVD-201101-355

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-004185

PATCH

title:

Apple OS X

url:

http://www.apple.com/macosx/

Trust: 0.8

sources: JVNDB: JVNDB-2011-004185

EXTERNAL IDS

db:	NVD	id:	CVE-2011-0639	Trust: 2.5
db:	JVNDB	id:	JVNDB-2011-004185	Trust: 0.8
db:	CNNVD	id:	CNNVD-201101-355	Trust: 0.7
db:	VULHUB	id:	VHN-48584	Trust: 0.1

sources: VULHUB: VHN-48584 // JVNDB: JVNDB-2011-004185 // CNNVD: CNNVD-201101-355 // NVD: CVE-2011-0639

REFERENCES

url:	http://news.cnet.com/8301-27080_3-20028919-245.html	Trust: 1.7
url:	http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#stavrou	Trust: 1.7
url:	http://www.cs.gmu.edu/~astavrou/publications.html	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0639	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0639	Trust: 0.8

sources: VULHUB: VHN-48584 // JVNDB: JVNDB-2011-004185 // CNNVD: CNNVD-201101-355 // NVD: CVE-2011-0639

SOURCES

db:	VULHUB	id:	VHN-48584
db:	JVNDB	id:	JVNDB-2011-004185
db:	CNNVD	id:	CNNVD-201101-355
db:	NVD	id:	CVE-2011-0639

LAST UPDATE DATE

2025-04-11T23:13:02.009000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-48584	date:	2011-04-28T00:00:00
db:	JVNDB	id:	JVNDB-2011-004185	date:	2012-03-27T00:00:00
db:	CNNVD	id:	CNNVD-201101-355	date:	2011-01-26T00:00:00
db:	NVD	id:	CVE-2011-0639	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-48584	date:	2011-01-25T00:00:00
db:	JVNDB	id:	JVNDB-2011-004185	date:	2012-03-27T00:00:00
db:	CNNVD	id:	CNNVD-201101-355	date:	2011-01-25T00:00:00
db:	NVD	id:	CVE-2011-0639	date:	2011-01-25T01:00:03.207