ID CVE-2008-1575
Summary Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing.
References
Vulnerable Configurations
  • Apple Mac OS X 10.5
    cpe:2.3:o:apple:mac_os_x:10.5
  • Apple Mac OS X 10.5.1
    cpe:2.3:o:apple:mac_os_x:10.5.1
  • Apple Mac OS X 10.5.2
    cpe:2.3:o:apple:mac_os_x:10.5.2
  • Apple Mac OS X Server 10.5
    cpe:2.3:o:apple:mac_os_x_server:10.5
  • Apple Mac OS X Server 10.5.1
    cpe:2.3:o:apple:mac_os_x_server:10.5.1
  • Apple Mac OS X Server 10.5.2
    cpe:2.3:o:apple:mac_os_x_server:10.5.2
CVSS
Base: 9.3 (as of 03-06-2008 - 10:49)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_5_3.NASL
    description The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.3. Mac OS X 10.5.3 contains security fixes for a number of programs.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 32477
    published 2008-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32477
    title Mac OS X 10.5.x < 10.5.3 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2008-003.NASL
    description The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-003 applied. This update contains security fixes for a number of programs.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 32478
    published 2008-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32478
    title Mac OS X Multiple Vulnerabilities (Security Update 2008-003)
refmap via4
apple APPLE-SA-2008-05-28
bid
  • 29412
  • 29492
cert TA08-150A
sectrack 1020133
secunia 30430
vupen ADV-2008-1697
xf macosx-ats-code-execution(42707)
Last major update 07-03-2011 - 00:00
Published 02-06-2008 - 17:30
Last modified 07-08-2017 - 21:30
Back to Top