Sign-up

ID

VAR-201106-0241


CVE

CVE-2011-2601


TITLE

Mac OS X of GPU Service operation interruption in support function (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2011-004745

DESCRIPTION

The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service (desktop hang) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK. Mac OS X is prone to a denial-of-service vulnerability. Apple Mac OS X is a dedicated operating system developed by Apple for Mac computers

Trust: 1.98

sources: NVD: CVE-2011-2601 // JVNDB: JVNDB-2011-004745 // BID: 78433 // VULHUB: VHN-50546

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope: - version: -

Trust: 1.4

vendor:applemodel:mac os xscope:eqversion:*

Trust: 1.0

vendor:applemodel:mac os updatescope:eqversion:x10.614

Trust: 0.3

sources: BID: 78433 // JVNDB: JVNDB-2011-004745 // CNNVD: CNNVD-201106-393 // NVD: CVE-2011-2601

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-2601
value: HIGH

Trust: 1.0

NVD: CVE-2011-2601
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201106-393
value: HIGH

Trust: 0.6

VULHUB: VHN-50546
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2011-2601
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-50546
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-50546 // JVNDB: JVNDB-2011-004745 // CNNVD: CNNVD-201106-393 // NVD: CVE-2011-2601

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-50546 // JVNDB: JVNDB-2011-004745 // NVD: CVE-2011-2601

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201106-393

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201106-393

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-004745

PATCH
title:Apple OS Xurl:http://www.apple.com/macosx/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2011-004745

EXTERNAL IDS
db:NVDid:CVE-2011-2601
Trust: 2.8
db:JVNDBid:JVNDB-2011-004745
Trust: 0.8
db:CNNVDid:CNNVD-201106-393
Trust: 0.7
db:BIDid:78433
Trust: 0.4
db:VULHUBid:VHN-50546
Trust: 0.1
sources:
            
            
            VULHUB: VHN-50546 // 
            
            
            
            BID: 78433 // 
            
            
            
            JVNDB: JVNDB-2011-004745 // 
            
            
            
            CNNVD: CNNVD-201106-393 // 
            
            
            
            NVD: CVE-2011-2601

REFERENCES
url:http://www.contextis.com/resources/blog/webgl/
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2601
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2601
Trust: 0.8
sources:
            
            
            VULHUB: VHN-50546 // 
            
            
            
            BID: 78433 // 
            
            
            
            JVNDB: JVNDB-2011-004745 // 
            
            
            
            CNNVD: CNNVD-201106-393 // 
            
            
            
            NVD: CVE-2011-2601

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 78433

SOURCES
db:VULHUBid:VHN-50546
db:BIDid:78433
db:JVNDBid:JVNDB-2011-004745
db:CNNVDid:CNNVD-201106-393
db:NVDid:CVE-2011-2601

LAST UPDATE DATE
2025-04-11T23:07:29.536000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-50546date:2011-07-12T00:00:00
db:BIDid:78433date:2011-06-30T00:00:00
db:JVNDBid:JVNDB-2011-004745date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201106-393date:2011-07-01T00:00:00
db:NVDid:CVE-2011-2601date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-50546date:2011-06-30T00:00:00
db:BIDid:78433date:2011-06-30T00:00:00
db:JVNDBid:JVNDB-2011-004745date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201106-393date:2011-06-30T00:00:00
db:NVDid:CVE-2011-2601date:2011-06-30T15:55:04.597