| CVE ID | CVE-2012-0662 |
| CVSS SCORE | 10.0, AV:N/AC:L/Au:N/C:C/I:C/A:C |
| AFFECTED VENDORS |
Apple |
| AFFECTED PRODUCTS |
OS X |
| VULNERABILITY DETAILS |
The flaw exists within the libsecurity_cdsa_plugin which implements routines defined in libsecurity_cssm. The library defines an allocation routine as having an argument type uint32. The implemented methods in the cdsa_plugin accept parameter having type size_t, this value is truncated from 64 bits to 32 bits when being passed to the library routine. This can lead to an underallocated memory region and ultimately a write out of bounds. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process. |
| ADDITIONAL DETAILS |
Apple has issued an update to correct this vulnerability. More details can be found at:
http://support.apple.com/kb/HT1222 |
| DISCLOSURE TIMELINE |
|
| CREDIT | aazubel |
