Details of VAR-201202-0140

ID

VAR-201202-0140

CVE

CVE-2011-3457

TITLE

Apple Mac OS X and iOS of OpenGL An arbitrary code execution vulnerability in the implementation

Trust: 0.8

sources: JVNDB: JVNDB-2012-001288

DESCRIPTION

The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading Language (aka GLSL) compilation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted program. Apple Mac OS X is prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. The following products are vulnerable: Mac OS X 10.6.8 Mac OS X Server 10.6.8 Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. The vulnerability stems from the fact that the OpenGL implementation does not correctly execute the OpenGL Shading Language (also known as GLSL) compilation. corruption or application crash)

Trust: 1.98

sources: NVD: CVE-2011-3457 // JVNDB: JVNDB-2012-001288 // BID: 51808 // VULHUB: VHN-51402

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.8	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.7	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.2	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.3	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.5	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.8	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.4	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.1	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.6	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.0	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	lte	version:	10.7.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.5	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.7.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.4	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	lte	version:	10.7.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.7.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.7	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.7.1	Trust: 1.0
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.7.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.6.8	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.7 to v10.7.2	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.6.8	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.7 to v10.7.2	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	6 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	6 (iphone 3gs or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	6 (ipod touch first 4 after generation )	Trust: 0.8
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	ne	version:	x10.7.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.7.3	Trust: 0.3

sources: BID: 51808 // JVNDB: JVNDB-2012-001288 // CNNVD: CNNVD-201202-076 // NVD: CVE-2011-3457

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-3457
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-3457
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201202-076
value:	HIGH
Trust: 0.6
VULHUB:	VHN-51402
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-3457
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-51402
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-51402 // JVNDB: JVNDB-2012-001288 // CNNVD: CNNVD-201202-076 // NVD: CVE-2011-3457

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-51402 // JVNDB: JVNDB-2012-001288 // NVD: CVE-2011-3457

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-076

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201202-076

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001288

PATCH

title:	HT5503	url:	http://support.apple.com/kb/HT5503	Trust: 0.8
title:	HT5130	url:	http://support.apple.com/kb/HT5130	Trust: 0.8
title:	HT5130	url:	http://support.apple.com/kb/HT5130?viewlocale=ja_JP	Trust: 0.8
title:	HT5503	url:	http://support.apple.com/kb/HT5503?viewlocale=ja_JP	Trust: 0.8

sources: JVNDB: JVNDB-2012-001288

EXTERNAL IDS

db:	NVD	id:	CVE-2011-3457	Trust: 2.8
db:	JVNDB	id:	JVNDB-2012-001288	Trust: 0.8
db:	CNNVD	id:	CNNVD-201202-076	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2012-02-01-1	Trust: 0.6
db:	NSFOCUS	id:	20813	Trust: 0.6
db:	BID	id:	51808	Trust: 0.4
db:	VULHUB	id:	VHN-51402	Trust: 0.1

sources: VULHUB: VHN-51402 // BID: 51808 // JVNDB: JVNDB-2012-001288 // CNNVD: CNNVD-201202-076 // NVD: CVE-2011-3457

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2012/feb/msg00000.html	Trust: 1.7
url:	http://support.apple.com/kb/ht5130	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html	Trust: 1.1
url:	http://support.apple.com/kb/ht5503	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3457	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu382755	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu624491/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3457	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/20813	Trust: 0.6
url:	http://www.apple.com/macosx/	Trust: 0.3

sources: VULHUB: VHN-51402 // BID: 51808 // JVNDB: JVNDB-2012-001288 // CNNVD: CNNVD-201202-076 // NVD: CVE-2011-3457

CREDITS

Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team

Trust: 0.3

sources: BID: 51808

SOURCES

db:	VULHUB	id:	VHN-51402
db:	BID	id:	51808
db:	JVNDB	id:	JVNDB-2012-001288
db:	CNNVD	id:	CNNVD-201202-076
db:	NVD	id:	CVE-2011-3457

LAST UPDATE DATE

2025-04-11T21:05:28.984000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-51402	date:	2012-09-22T00:00:00
db:	BID	id:	51808	date:	2012-02-01T00:00:00
db:	JVNDB	id:	JVNDB-2012-001288	date:	2012-10-05T00:00:00
db:	CNNVD	id:	CNNVD-201202-076	date:	2012-02-06T00:00:00
db:	NVD	id:	CVE-2011-3457	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-51402	date:	2012-02-02T00:00:00
db:	BID	id:	51808	date:	2012-02-01T00:00:00
db:	JVNDB	id:	JVNDB-2012-001288	date:	2012-02-06T00:00:00
db:	CNNVD	id:	CNNVD-201202-076	date:	2012-02-06T00:00:00
db:	NVD	id:	CVE-2011-3457	date:	2012-02-02T18:55:01.363