CVE-2011-3216

The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
applemac_os_x
𝑥
≤ 10.7.1
applemac_os_x
10.0
applemac_os_x
10.0.0
applemac_os_x
10.0.1
applemac_os_x
10.0.2
applemac_os_x
10.0.3
applemac_os_x
10.0.4
applemac_os_x
10.1
applemac_os_x
10.1.0
applemac_os_x
10.1.1
applemac_os_x
10.1.2
applemac_os_x
10.1.3
applemac_os_x
10.1.4
applemac_os_x
10.1.5
applemac_os_x
10.2
applemac_os_x
10.2.0
applemac_os_x
10.2.1
applemac_os_x
10.2.2
applemac_os_x
10.2.3
applemac_os_x
10.2.4
applemac_os_x
10.2.5
applemac_os_x
10.2.6
applemac_os_x
10.2.7
applemac_os_x
10.2.8
applemac_os_x
10.3
applemac_os_x
10.3.0
applemac_os_x
10.3.1
applemac_os_x
10.3.2
applemac_os_x
10.3.3
applemac_os_x
10.3.4
applemac_os_x
10.3.5
applemac_os_x
10.3.6
applemac_os_x
10.3.7
applemac_os_x
10.3.8
applemac_os_x
10.3.9
applemac_os_x
10.4
applemac_os_x
10.4.0
applemac_os_x
10.4.1
applemac_os_x
10.4.2
applemac_os_x
10.4.3
applemac_os_x
10.4.4
applemac_os_x
10.4.5
applemac_os_x
10.4.6
applemac_os_x
10.4.7
applemac_os_x
10.4.8
applemac_os_x
10.4.9
applemac_os_x
10.4.10
applemac_os_x
10.4.11
applemac_os_x
10.5
applemac_os_x
10.5.0
applemac_os_x
10.5.1
applemac_os_x
10.5.2
applemac_os_x
10.5.3
applemac_os_x
10.5.4
applemac_os_x
10.5.5
applemac_os_x
10.5.6
applemac_os_x
10.5.7
applemac_os_x
10.5.8
applemac_os_x
10.6.0
applemac_os_x
10.6.1
applemac_os_x
10.6.2
applemac_os_x
10.6.3
applemac_os_x
10.6.4
applemac_os_x
10.6.5
applemac_os_x
10.6.6
applemac_os_x
10.6.7
applemac_os_x
10.6.8
applemac_os_x
10.7.0
applemac_os_x_server
𝑥
≤ 10.7.1
applemac_os_x_server
10.0
applemac_os_x_server
10.0.0
applemac_os_x_server
10.0.1
applemac_os_x_server
10.0.2
applemac_os_x_server
10.0.3
applemac_os_x_server
10.0.4
applemac_os_x_server
10.1
applemac_os_x_server
10.1.0
applemac_os_x_server
10.1.1
applemac_os_x_server
10.1.2
applemac_os_x_server
10.1.3
applemac_os_x_server
10.1.4
applemac_os_x_server
10.1.5
applemac_os_x_server
10.2
applemac_os_x_server
10.2.0
applemac_os_x_server
10.2.1
applemac_os_x_server
10.2.2
applemac_os_x_server
10.2.3
applemac_os_x_server
10.2.4
applemac_os_x_server
10.2.5
applemac_os_x_server
10.2.6
applemac_os_x_server
10.2.7
applemac_os_x_server
10.2.8
applemac_os_x_server
10.3
applemac_os_x_server
10.3.0
applemac_os_x_server
10.3.1
applemac_os_x_server
10.3.2
applemac_os_x_server
10.3.3
applemac_os_x_server
10.3.4
applemac_os_x_server
10.3.5
applemac_os_x_server
10.3.6
applemac_os_x_server
10.3.7
applemac_os_x_server
10.3.8
applemac_os_x_server
10.3.9
applemac_os_x_server
10.4
applemac_os_x_server
10.4.0
applemac_os_x_server
10.4.1
applemac_os_x_server
10.4.2
applemac_os_x_server
10.4.3
applemac_os_x_server
10.4.4
applemac_os_x_server
10.4.5
applemac_os_x_server
10.4.6
applemac_os_x_server
10.4.7
applemac_os_x_server
10.4.8
applemac_os_x_server
10.4.9
applemac_os_x_server
10.4.10
applemac_os_x_server
10.4.11
applemac_os_x_server
10.5
applemac_os_x_server
10.5.0
applemac_os_x_server
10.5.1
applemac_os_x_server
10.5.2
applemac_os_x_server
10.5.3
applemac_os_x_server
10.5.4
applemac_os_x_server
10.5.5
applemac_os_x_server
10.5.6
applemac_os_x_server
10.5.7
applemac_os_x_server
10.5.8
applemac_os_x_server
10.6.0
applemac_os_x_server
10.6.1
applemac_os_x_server
10.6.2
applemac_os_x_server
10.6.3
applemac_os_x_server
10.6.4
applemac_os_x_server
10.6.5
applemac_os_x_server
10.6.6
applemac_os_x_server
10.6.7
applemac_os_x_server
10.6.8
applemac_os_x_server
10.7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://support.apple.com/kb/HT5002
http://www.securityfocus.com/bid/50085
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://support.apple.com/kb/HT5002
http://www.securityfocus.com/bid/50085