CVE-2003-0871
CVSS7.5
发布时间 :2003-11-03 00:00:00
修订时间 :2008-09-10 15:20:48
NMCOS    

[原文]Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."


[CNNVD]Apple Mac OS X 10.3未明Apple Quicktime Java漏洞(CNNVD-200311-018)

        
        Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。
        Mac OS X的Quicktime Java实现存在未明安全问题,可能导致权限提升或其他未授权访问。
        目前没有详细漏洞细节提供。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:apple:mac_os_x_server:10.3Apple Mac OS X Server 10.3
cpe:/o:apple:mac_os_x:10.3Apple Mac OS X 10.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0871
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0871
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200311-018
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/8922
(VENDOR_ADVISORY)  BID  8922
http://lists.apple.com/mhonarc/security-announce/msg00039.html
(UNKNOWN)  APPLE  APPLE-SA-2003-10-28

- 漏洞信息

Apple Mac OS X 10.3未明Apple Quicktime Java漏洞
高危 未知
2003-11-03 00:00:00 2005-10-20 00:00:00
远程  
        
        Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。
        Mac OS X的Quicktime Java实现存在未明安全问题,可能导致权限提升或其他未授权访问。
        目前没有详细漏洞细节提供。
        

- 公告与补丁

        厂商补丁:
        Apple
        -----
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Apple Upgrade SecurityUpd2003-10-28.dmg
        
        http://docs.info.apple.com/article.html?artnum=120266

- 漏洞信息

2728
Apple QuickTime Unspecified Java System Compromise
Location Unknown Attack Type Unknown
Loss of Integrity
Exploit Unknown

- 漏洞描述

Mac OS X contains an unspecified flaw in its Quicktime Java implementation. The flaw could allow unauthorized access to the system, leading to a loss of integrity. No further details have been provided.

- 时间线

2003-10-29 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Apple Mac OS X 10.3 Unspecified Apple Quicktime Java Vulnerability
Unknown 8922
Yes No
2003-10-28 12:00:00 2009-07-11 11:56:00
This issue was reported by Apple.

- 受影响的程序版本

Apple Mac OS X Server 10.3
Apple Mac OS X 10.3

- 漏洞讨论

Apple has released security updates to address an unspecified vulnerability in the Quicktime Java implementation included in Mac OS X 10.3 (Panther). Earlier versions of Mac OS X are not affected by this issue.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Apple has released updates to address this issue. These updates may be applied via the Software Update pane in System Preferences. Manual updates are also available.


Apple Mac OS X 10.3

Apple Mac OS X Server 10.3

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站