Vulnerability Details : CVE-2010-0055
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
Products affected by CVE-2010-0055
- cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-0055
0.32%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-0055
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2010-0055
-
http://support.apple.com/kb/HT4077
About the security content of Security Update 2010-002 / Mac OS X v10.6.3 - Apple SupportPatch;Vendor Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXQ3NRRTC4A3F3GW2RQNATJHYDIRSCBS/
[SECURITY] Fedora 31 Update: xar-1.6.1-1.fc31 - package-announce - Fedora Mailing-Lists
-
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Apple - Lists.apple.comPatch;Vendor Advisory
Jump to