cpe:/a:apple:applescript cpe:/o:apple:mac_os_x:10.6.0 cpe:/o:apple:mac_os_x:10.6.1 cpe:/o:apple:mac_os_x:10.6.2 cpe:/o:apple:mac_os_x:10.6.3 cpe:/o:apple:mac_os_x:10.6.4 cpe:/o:apple:mac_os_x:10.6.5 cpe:/o:apple:mac_os_x:10.6.6 cpe:/o:apple:mac_os_x_server:10.6.0 cpe:/o:apple:mac_os_x_server:10.6.1 cpe:/o:apple:mac_os_x_server:10.6.2 cpe:/o:apple:mac_os_x_server:10.6.3 cpe:/o:apple:mac_os_x_server:10.6.4 cpe:/o:apple:mac_os_x_server:10.6.5 cpe:/o:apple:mac_os_x_server:10.6.6 CVE-2011-0173 2011-03-22T22:00:04.050-04:00 2011-03-24T00:00:00.000-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-03-23T10:16:00.000-04:00 APPLE APPLE-SA-2011-03-21-1 CONFIRM http://support.apple.com/kb/HT4581 Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an AppleScript Studio application.