CVE-2011-1417 in iOSinfo

Summary

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a crafted size field in the OfficeArtMetafileHeader, related to OfficeArtBlip, as demonstrated on the iPhone by Charlie Miller and Dion Blazakis during a Pwn2Own competition at CanSecWest 2011.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/11/2011

Disclosure

03/11/2011

Moderation

VulDB entry created

Entries

1: VDB-56812

CPE

ready

CWE

CWE-189 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.06133

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1417
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1417
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1417/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!