CVE-2011-3224

Low CVSS 2.6

Overview

The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server.

CWE: N/A Published: 2011-10-14T10:55:09.090

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.6 (LOW)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags