ID CVE-2010-0055
Summary xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
References
Vulnerable Configurations
  • cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 31-03-2010 - 04:00)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
apple APPLE-SA-2010-03-29-1
confirm http://support.apple.com/kb/HT4077
vulnerable_product via4
  • cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
Last major update 31-03-2010 - 04:00
Published 30-03-2010 - 18:30
Back to Top