ID CVE-2006-5836
Summary The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized file type.
References
Vulnerable Configurations
  • cpe:2.3:o:opendarwin:darwin_kernel:8.8.1:*:*:*:*:*:*:*
    cpe:2.3:o:opendarwin:darwin_kernel:8.8.1:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 20-07-2017 - 01:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
apple APPLE-SA-2007-03-13
bid 20982
cert TA07-072A
confirm http://docs.info.apple.com/article.html?artnum=305214
misc http://projects.info-pull.com/mokb/MOKB-09-11-2006.html
osvdb 30216
sectrack 1017751
secunia
  • 22808
  • 24479
vupen
  • ADV-2006-4448
  • ADV-2007-0930
xf macosx-fpathconf-dos(30152)
Last major update 20-07-2017 - 01:34
Published 10-11-2006 - 01:07
Back to Top