Home  >  CVE-2001-1411
CVE Details for CVE: CVE-2001-1411
Summary
Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.
Timestamps
Last major update 18-10-2016 - 02:15
Published 17-11-2003 - 05:00
Last modified 18-10-2016 - 02:15
References
Vulnerable Configurations
  • cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
CWE
NVD-CWE-Other
CVSS
Base
7.2
Impact
10.0
Exploitability
3.9
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
CVSS3
None
VIA4 references
cvss-vector via4
AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bugtraq 20011020 gm4 format strings on OSX
cert-vn VU#147587
confirm http://lists.apple.com/mhonarc/security-announce/msg00038.html
xf macos-gm4-utility-bo(10174)