Details of VAR-200409-0014

ID

VAR-200409-0014

CVE

CVE-2004-0822

TITLE

Apple QuickTime Streaming Server vulnerable to DoS

Trust: 0.8

sources: CERT/CC: VU#914870

DESCRIPTION

Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. There is a vulnerability in the Apple QuickTime Streaming Server that could allow a remote attacker to cause a denial-of-service condition. It is reported that a buffer overflow vulnerability is present in CoreFoundation related to its handling of an unspecified environment variable. Consequently, privileged applications using CoreFoundation may be exploited by local users to elevate their access level to that of the application. It is not known if all applications using CoreFoundation are vulnerable. Mac OS X is an operating system used on Mac machines, based on the BSD system. Apple Mac OS X CoreFoundation has library loading processing issues and buffer overflows. Local attackers can exploit this vulnerability to obtain ROOT privileges. Apple reports that local users can use the CoreFoundation CFPlugIn application to load any user-provided library to obtain ROOT privileges [CVE: CAN -2004-0821]

Trust: 3.42

sources: NVD: CVE-2004-0822 // CERT/CC: VU#914870 // CERT/CC: VU#545446 // CERT/CC: VU#704110 // BID: 11136 // VULHUB: VHN-9252

AFFECTED PRODUCTS

vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.4	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.5	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.3.4	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.2.8	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.5	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.2.8	Trust: 1.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3

sources: CERT/CC: VU#914870 // CERT/CC: VU#545446 // CERT/CC: VU#704110 // BID: 11136 // CNNVD: CNNVD-200409-015 // NVD: CVE-2004-0822

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0822
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#914870
value:	1.73
Trust: 0.8
CARNEGIE MELLON:	VU#545446
value:	9.62
Trust: 0.8
CARNEGIE MELLON:	VU#704110
value:	5.91
Trust: 0.8
CNNVD:	CNNVD-200409-015
value:	HIGH
Trust: 0.6
VULHUB:	VHN-9252
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-0822
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9252
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#914870 // CERT/CC: VU#545446 // CERT/CC: VU#704110 // VULHUB: VHN-9252 // CNNVD: CNNVD-200409-015 // NVD: CVE-2004-0822

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0822

THREAT TYPE

local

Trust: 0.9

sources: BID: 11136 // CNNVD: CNNVD-200409-015

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 11136 // CNNVD: CNNVD-200409-015

EXTERNAL IDS

db:	SECUNIA	id:	12491	Trust: 4.1
db:	CERT/CC	id:	VU#545446	Trust: 2.5
db:	BID	id:	11136	Trust: 2.0
db:	NVD	id:	CVE-2004-0822	Trust: 2.0
db:	SECTRACK	id:	1011174	Trust: 1.6
db:	BID	id:	11138	Trust: 0.8
db:	SECTRACK	id:	1011176	Trust: 0.8
db:	CERT/CC	id:	VU#914870	Trust: 0.8
db:	CERT/CC	id:	VU#704110	Trust: 0.8
db:	CNNVD	id:	CNNVD-200409-015	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2004-09-07	Trust: 0.6
db:	XF	id:	17295	Trust: 0.6
db:	CIAC	id:	O-212	Trust: 0.6
db:	VULHUB	id:	VHN-9252	Trust: 0.1

sources: CERT/CC: VU#914870 // CERT/CC: VU#545446 // CERT/CC: VU#704110 // VULHUB: VHN-9252 // BID: 11136 // CNNVD: CNNVD-200409-015 // NVD: CVE-2004-0822

REFERENCES

url:	http://secunia.com/advisories/12491/	Trust: 4.1
url:	http://docs.info.apple.com/article.html?artnum=61798	Trust: 2.4
url:	http://www.securityfocus.com/advisories/7148	Trust: 1.7
url:	http://www.securityfocus.com/bid/11136	Trust: 1.7
url:	http://www.kb.cert.org/vuls/id/545446	Trust: 1.7
url:	http://www.ciac.org/ciac/bulletins/o-212.shtml	Trust: 1.7
url:	http://developer.apple.com/documentation/macosx/conceptual/systemoverview/systemarchitecture/chapter_3_section_7.html	Trust: 1.6
url:	http://www.securitytracker.com/alerts/2004/sep/1011174.html	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/17295	Trust: 1.1
url:	http://www.securitytracker.com/alerts/2004/sep/1011176.html	Trust: 0.8
url:	http://www.securityfocus.com/bid/11138	Trust: 0.8
url:	http://developer.apple.com/documentation/corefoundation/reference/cfpluginref/reference/introduction.html	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/17295	Trust: 0.6

sources: CERT/CC: VU#914870 // CERT/CC: VU#545446 // CERT/CC: VU#704110 // VULHUB: VHN-9252 // CNNVD: CNNVD-200409-015 // NVD: CVE-2004-0822

CREDITS

Apple

Trust: 0.6

sources: CNNVD: CNNVD-200409-015

SOURCES

db:	CERT/CC	id:	VU#914870
db:	CERT/CC	id:	VU#545446
db:	CERT/CC	id:	VU#704110
db:	VULHUB	id:	VHN-9252
db:	BID	id:	11136
db:	CNNVD	id:	CNNVD-200409-015
db:	NVD	id:	CVE-2004-0822

LAST UPDATE DATE

2024-08-14T12:54:31.729000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#914870	date:	2004-09-15T00:00:00
db:	CERT/CC	id:	VU#545446	date:	2004-09-29T00:00:00
db:	CERT/CC	id:	VU#704110	date:	2004-09-09T00:00:00
db:	VULHUB	id:	VHN-9252	date:	2017-07-11T00:00:00
db:	BID	id:	11136	date:	2009-07-12T07:06:00
db:	CNNVD	id:	CNNVD-200409-015	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-0822	date:	2017-07-11T01:30:30.340

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#914870	date:	2004-09-13T00:00:00
db:	CERT/CC	id:	VU#545446	date:	2004-09-09T00:00:00
db:	CERT/CC	id:	VU#704110	date:	2004-09-09T00:00:00
db:	VULHUB	id:	VHN-9252	date:	2004-09-07T00:00:00
db:	BID	id:	11136	date:	2004-09-07T00:00:00
db:	CNNVD	id:	CNNVD-200409-015	date:	2004-09-07T00:00:00
db:	NVD	id:	CVE-2004-0822	date:	2004-09-07T04:00:00