What is the severity of CVE-2011-3448?

CVE-2011-3448 is classified as a critical vulnerability that could allow remote attackers to execute arbitrary code.

How do I fix CVE-2011-3448?

To mitigate CVE-2011-3448, users should update their systems to Mac OS X version 10.7.3 or later.

What causes the CVE-2011-3448 vulnerability?

CVE-2011-3448 is caused by a heap-based buffer overflow in the CoreMedia component of Mac OS X.

What are the affected versions for CVE-2011-3448?

CVE-2011-3448 affects multiple versions of Mac OS X, including 10.6.0 to 10.6.8 and 10.7.0 to 10.7.1.

What type of attack can exploit CVE-2011-3448?

CVE-2011-3448 can be exploited via crafting malicious H.264 encoded movie files that may result in application crashes or arbitrary code execution.

Vulnerability/
CVE-2011-3448

medium

6.8

CWE

119

2/2/2012

16/9/2024

CVE-2011-3448: Buffer Overflow

First published: Thu Feb 02 2012(Updated: )

Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

Credit: product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iOS and macOS	=10.6.8
Apple iOS and macOS	=10.6.7
Apple macOS Server	<=10.7.2
Apple macOS Server	=10.7.1
Apple macOS Server	=10.6.3
Apple macOS Server	=10.6.8
Apple macOS Server	=10.6.6
Apple iOS and macOS	=10.6.3
Apple macOS Server	=10.6.4
Apple iOS and macOS	=10.6.6
Apple macOS Server	=10.6.7
Apple macOS Server	=10.6.5
Apple macOS Server	=10.7.0
Apple macOS Server	=10.6.1
Apple macOS Server	=10.6.2
Apple iOS and macOS	=10.6.1
Apple macOS Server	=10.6.0
Apple iOS and macOS	=10.6.0
Apple iOS and macOS	=10.6.2
Apple iOS and macOS	=10.7.0
Apple iOS and macOS	=10.6.4
Apple iOS and macOS	=10.6.5
Apple iOS and macOS	<=10.7.2
Apple iOS and macOS	=10.7.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-3448?
CVE-2011-3448 is classified as a critical vulnerability that could allow remote attackers to execute arbitrary code.
How do I fix CVE-2011-3448?
To mitigate CVE-2011-3448, users should update their systems to Mac OS X version 10.7.3 or later.
What causes the CVE-2011-3448 vulnerability?
CVE-2011-3448 is caused by a heap-based buffer overflow in the CoreMedia component of Mac OS X.
What are the affected versions for CVE-2011-3448?
CVE-2011-3448 affects multiple versions of Mac OS X, including 10.6.0 to 10.6.8 and 10.7.0 to 10.7.1.
What type of attack can exploit CVE-2011-3448?
CVE-2011-3448 can be exploited via crafting malicious H.264 encoded movie files that may result in application crashes or arbitrary code execution.

agent/references
agent/type
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/apple
canonical/apple ios and macos
version/apple ios and macos/10.6.8
version/apple ios and macos/10.6.7
canonical/apple macos server
version/apple macos server/10.7.2
version/apple macos server/10.7.1
version/apple macos server/10.6.3
version/apple macos server/10.6.8
version/apple macos server/10.6.6
version/apple ios and macos/10.6.3
version/apple macos server/10.6.4
version/apple ios and macos/10.6.6
version/apple macos server/10.6.7
version/apple macos server/10.6.5
version/apple macos server/10.7.0
version/apple macos server/10.6.1
version/apple macos server/10.6.2
version/apple ios and macos/10.6.1
version/apple macos server/10.6.0
version/apple ios and macos/10.6.0
version/apple ios and macos/10.6.2
version/apple ios and macos/10.7.0
version/apple ios and macos/10.6.4
version/apple ios and macos/10.6.5
version/apple ios and macos/10.7.2
version/apple ios and macos/10.7.1