Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3447

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-3447
Last Modified 03 Feb 2012 12:00:00
Published 02 Feb 2012 01:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3447

Summary

CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.7.0

  • Apple Mac Os X 10.7.1

  • Apple Mac Os X 10.7.2

  • Apple Mac Os X Server 10.7.0

  • Apple Mac Os X Server 10.7.1

  • Apple Mac Os X Server 10.7.2


References

CONFIRM - http://support.apple.com/kb/HT5130

APPLE - APPLE-SA-2012-02-01-1


Last Updated: 27 May 2016 10:58:09