Apple : Security Vulnerabilities, CVEs, Published In 2011
CVE-2011-0257
Public exploit
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
Max CVSS
9.3
EPSS Score
95.81%
Published
2011-08-15
Updated
2017-09-19
CVE-2011-1774
Public exploit
WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425.
Max CVSS
8.8
EPSS Score
96.77%
Published
2011-07-21
Updated
2012-02-14
CVE-2011-3230
Public exploit
Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site.
Max CVSS
6.8
EPSS Score
93.32%
Published
2011-10-14
Updated
2017-08-29
3 vulnerabilities found