2011-03-11 18:55:03 2012-03-30 06:00:00

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a crafted size field in the OfficeArtMetafileHeader, related to OfficeArtBlip, as demonstrated on the iPhone by Charlie Miller and Dion Blazakis during a Pwn2Own competition at CanSecWest 2011.

Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Apache Software Foundation Apache HTTP Server 2.2.13
Apache Software Foundation Apache HTTP Server 2.2.22
Apache Software Foundation Apache HTTP Server 2.4.9
Apache Software Foundation POI 0.5
Apache Software Foundation Apache HTTP Server 2.2.26
Apache Software Foundation POI 0.3
Apache Software Foundation POI 1.0.1
Apache Software Foundation POI 0.6
Apache Software Foundation Apache HTTP Server 2.3.13
Apache Software Foundation POI 0.7
Apache Software Foundation POI 0.4
Apache Software Foundation Apache HTTP Server 2.3.7
Apache Software Foundation Apache HTTP Server 2.2.9
Apache Software Foundation Apache HTTP Server 2.4.6
Apache Software Foundation POI 1.0.0
Apache Software Foundation Apache HTTP Server 2.2
Apache Software Foundation Apache HTTP Server 2.2.10
Apache Software Foundation Apache HTTP Server 2.1.4
Apache Software Foundation Apache HTTP Server 2.1.7
Apache Software Foundation Apache HTTP Server 2.0.57
Apache Software Foundation Apache HTTP Server 2.0.64
Apache Software Foundation Apache HTTP Server 2.1.1
Apache Software Foundation HTTP Server 2.0.61
Apache Software Foundation HTTP Server 2.0.59
Apache Software Foundation Apache HTTP Server 2.2.25
Apache Software Foundation Apache HTTP Server 2.3.10
Apache Software Foundation Rave 0.15
Apple Iphone os 4.2 (not an official CPE)
Apache Software Foundation Apache HTTP Server 3.1
Apache Software Foundation Rave 0.13
Apache Software Foundation Apache HTTP Server 2.4.12
Apache Software Foundation Apache HTTP Server 2.3.16
Apache Software Foundation HttpAsyncClient 4.0 alpha3
Apache Software Foundation HttpAsyncClient 4.0 beta1
Apache Software Foundation Rave 0.18
Apache Software Foundation HttpAsyncClient 4.0
Apache Software Foundation Rave 0.16
Apache Software Foundation Apache HTTP Server 2.4.0
Apache Software Foundation Rave 0.19
Apache Software Foundation Apache HTTP Server 2.4.10
Apache Software Foundation Apache HTTP Server 2.2.4
Apache Software Foundation Rave 0.14
Apache Software Foundation Rave 0.17
Apache Software Foundation HttpAsyncClient 4.0 alpha1