ID CVE-2008-1576
Summary Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information (memory contents) in opportunistic circumstances, by sending an e-mail message.
References
Vulnerable Configurations
  • Apple Mac OS X 10.0
    cpe:2.3:o:apple:mac_os_x:10.0
  • Apple Mac OS X 10.1
    cpe:2.3:o:apple:mac_os_x:10.1
  • Apple Mac OS X 10.2
    cpe:2.3:o:apple:mac_os_x:10.2
  • Apple Mac OS X 10.3
    cpe:2.3:o:apple:mac_os_x:10.3
  • Apple Mac OS X 10.4
    cpe:2.3:o:apple:mac_os_x:10.4
CVSS
Base: 6.8 (as of 03-06-2008 - 10:49)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_5_3.NASL
    description The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.3. Mac OS X 10.5.3 contains security fixes for a number of programs.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 32477
    published 2008-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32477
    title Mac OS X 10.5.x < 10.5.3 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2008-003.NASL
    description The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-003 applied. This update contains security fixes for a number of programs.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 32478
    published 2008-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32478
    title Mac OS X Multiple Vulnerabilities (Security Update 2008-003)
refmap via4
apple APPLE-SA-2008-05-28
bid
  • 29412
  • 29500
cert TA08-150A
sectrack 1020140
secunia 30430
vupen ADV-2008-1697
xf macosx-mail-code-execution(42723)
Last major update 07-03-2011 - 00:00
Published 02-06-2008 - 17:30
Last modified 07-08-2017 - 21:30
Back to Top