cvelistv5 - CVE-2007-0299

CVE-2007-0299 (GCVE-0-2007-0299)

Vulnerability from cvelistv5

Published

2007-01-17 11:00

Modified

2024-08-07 12:12

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://docs.info.apple.com/article.html?artnum=305214
cve@mitre.org	http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
cve@mitre.org	http://projects.info-pull.com/moab/MOAB-11-01-2007.html	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/23725	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/24479	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/515792	US Government Resource
cve@mitre.org	http://www.osvdb.org/31653
cve@mitre.org	http://www.securitytracker.com/id?1017751
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-072A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0930
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=305214
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://projects.info-pull.com/moab/MOAB-11-01-2007.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23725	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24479	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/515792	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/31653
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017751
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-072A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0930

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:12:17.983Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "31653",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/31653"
          },
          {
            "name": "TA07-072A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
          },
          {
            "name": "APPLE-SA-2007-03-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=305214"
          },
          {
            "name": "1017751",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017751"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
          },
          {
            "name": "VU#515792",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/515792"
          },
          {
            "name": "ADV-2007-0930",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0930"
          },
          {
            "name": "23725",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23725"
          },
          {
            "name": "24479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24479"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-02-28T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "31653",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/31653"
        },
        {
          "name": "TA07-072A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
        },
        {
          "name": "APPLE-SA-2007-03-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=305214"
        },
        {
          "name": "1017751",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017751"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
        },
        {
          "name": "VU#515792",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/515792"
        },
        {
          "name": "ADV-2007-0930",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0930"
        },
        {
          "name": "23725",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23725"
        },
        {
          "name": "24479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24479"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0299",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "31653",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/31653"
            },
            {
              "name": "TA07-072A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
            },
            {
              "name": "APPLE-SA-2007-03-13",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305214",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=305214"
            },
            {
              "name": "1017751",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017751"
            },
            {
              "name": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html",
              "refsource": "MISC",
              "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
            },
            {
              "name": "VU#515792",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/515792"
            },
            {
              "name": "ADV-2007-0930",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0930"
            },
            {
              "name": "23725",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23725"
            },
            {
              "name": "24479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24479"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0299",
    "datePublished": "2007-01-17T11:00:00",
    "dateReserved": "2007-01-16T00:00:00",
    "dateUpdated": "2024-08-07T12:12:17.983Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-0299\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-01-17T11:28:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de entero en la funci\u00f3n byte_swap_sbin de bsd/ufs/ufs/ufs_byte_order.c en Mac OS X 10.4.8 permite a atacantes remotos con la complicidad del usuario provocar una denegaci\u00f3n de servicio (kernel panic) montando una imagen DMG artesanal del sistema de ficheros Unix (UFS), lo cual provoca una referencia de puntero inv\u00e1lida.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09ED46A8-1739-411C-8807-2A416BDB6DFE\"}]}]}],\"references\":[{\"url\":\"http://docs.info.apple.com/article.html?artnum=305214\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://projects.info-pull.com/moab/MOAB-11-01-2007.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23725\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24479\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/515792\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/31653\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1017751\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-072A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/0930\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=305214\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://projects.info-pull.com/moab/MOAB-11-01-2007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23725\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/515792\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/31653\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1017751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-072A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/0930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2007-AVI-124

Vulnerability from certfr_avis

Plusieurs vulnérabilités affectent MacOS X. Les plus graves permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Plusieurs composants de MacOS X sont sujets à des vulnérabilités, les plus graves permettant à un attaquant distant d'exécuter du code arbitraire.

Les composants impactés sont : ColorSync (CVE-2007-0719), CoreGraphics, Crash Reporter (CVE-2007-0467), CUPS (CVE-2007-0720), Disk Images (CVE-2007-0721, CVE-2007-0722, CVE-2006-6061, CVE-2006-6062, CVE-2006-5679, CVE-2007-0229, CVE-2007-0267, CVE-2007-0299), DS Plug-Ins (CVE-2007-0723), Flash Player (CVE-2006-5330), GNU Tar (CVE-2006-0300, CVE-2006-6097), HFS (CVE-2007-0318), HID Family (CVE-2007-0724), ImageIO (CVE-2007-1071, CVE-2007-0733), Kernel (CVE-2006-5836, CVE-2006-6129, CVE-2006-6173), MySQL Server (CVE-2006-1516, CVE-2006-1517, CVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226, CVE-2006-3469), Networking (CVE-2006-6130, CVE-2007-0236), OpenSSH (CVE-2007-0726, CVE-2006-0225, CVE-2006-4924, CVE-2006-5051, CVE-2006-5052), Printing (CVE-2007-0728), QuickDraw Manager (CVE-2007-0588), servermgrd (CVE-2007-0730), SMB File Server (CVE-2007-0731), Software Update (CVE-2007-0463), sudo (CVE-2005-2959), WebLog (CVE-2006-4829).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	macOS	MacOS X 10.3.9 et MacOS X Server 10.3.9 ;
	Apple	macOS	MacOS X 10.4 et MacOS X Server 10.4.

References

Title

Publication Time

Tags

Mise à jour de sécurité 2007-003 de MacOS X	None	vendor-advisory
Bulletin de sécurité Apple du 12 mars 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "MacOS X 10.3.9 et MacOS X Server 10.3.9 ;",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "MacOS X 10.4 et MacOS X Server 10.4.",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs composants de MacOS X sont sujets \u00e0 des vuln\u00e9rabilit\u00e9s, les\nplus graves permettant \u00e0 un attaquant distant d\u0027ex\u00e9cuter du code\narbitraire.  \n\nLes composants impact\u00e9s sont : ColorSync (CVE-2007-0719), CoreGraphics,\nCrash Reporter (CVE-2007-0467), CUPS (CVE-2007-0720), Disk Images\n(CVE-2007-0721, CVE-2007-0722, CVE-2006-6061, CVE-2006-6062,\nCVE-2006-5679, CVE-2007-0229, CVE-2007-0267, CVE-2007-0299), DS Plug-Ins\n(CVE-2007-0723), Flash Player (CVE-2006-5330), GNU Tar (CVE-2006-0300,\nCVE-2006-6097), HFS (CVE-2007-0318), HID Family (CVE-2007-0724), ImageIO\n(CVE-2007-1071, CVE-2007-0733), Kernel (CVE-2006-5836, CVE-2006-6129,\nCVE-2006-6173), MySQL Server (CVE-2006-1516, CVE-2006-1517,\nCVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226,\nCVE-2006-3469), Networking (CVE-2006-6130, CVE-2007-0236), OpenSSH\n(CVE-2007-0726, CVE-2006-0225, CVE-2006-4924, CVE-2006-5051,\nCVE-2006-5052), Printing (CVE-2007-0728), QuickDraw Manager\n(CVE-2007-0588), servermgrd (CVE-2007-0730), SMB File Server\n(CVE-2007-0731), Software Update (CVE-2007-0463), sudo (CVE-2005-2959),\nWebLog (CVE-2006-4829).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3469"
    },
    {
      "name": "CVE-2006-6061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6061"
    },
    {
      "name": "CVE-2006-2753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2753"
    },
    {
      "name": "CVE-2007-0722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0722"
    },
    {
      "name": "CVE-2007-0229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0229"
    },
    {
      "name": "CVE-2006-6173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6173"
    },
    {
      "name": "CVE-2007-0733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0733"
    },
    {
      "name": "CVE-2006-5836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5836"
    },
    {
      "name": "CVE-2007-0720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0720"
    },
    {
      "name": "CVE-2006-5052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5052"
    },
    {
      "name": "CVE-2006-3081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3081"
    },
    {
      "name": "CVE-2007-0318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0318"
    },
    {
      "name": "CVE-2007-0236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0236"
    },
    {
      "name": "CVE-2006-4829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4829"
    },
    {
      "name": "CVE-2006-1517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1517"
    },
    {
      "name": "CVE-2006-4924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4924"
    },
    {
      "name": "CVE-2005-2959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2959"
    },
    {
      "name": "CVE-2007-0728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0728"
    },
    {
      "name": "CVE-2006-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6129"
    },
    {
      "name": "CVE-2007-0267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0267"
    },
    {
      "name": "CVE-2007-0731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0731"
    },
    {
      "name": "CVE-2007-0726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0726"
    },
    {
      "name": "CVE-2006-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4226"
    },
    {
      "name": "CVE-2007-0299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0299"
    },
    {
      "name": "CVE-2007-0724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0724"
    },
    {
      "name": "CVE-2007-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1071"
    },
    {
      "name": "CVE-2006-4031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4031"
    },
    {
      "name": "CVE-2007-0588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0588"
    },
    {
      "name": "CVE-2006-1516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1516"
    },
    {
      "name": "CVE-2006-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5679"
    },
    {
      "name": "CVE-2007-0721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0721"
    },
    {
      "name": "CVE-2006-6130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6130"
    },
    {
      "name": "CVE-2006-5330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5330"
    },
    {
      "name": "CVE-2007-0730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0730"
    },
    {
      "name": "CVE-2006-0300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0300"
    },
    {
      "name": "CVE-2007-0719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0719"
    },
    {
      "name": "CVE-2006-6062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6062"
    },
    {
      "name": "CVE-2006-0225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0225"
    },
    {
      "name": "CVE-2006-5051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5051"
    },
    {
      "name": "CVE-2007-0467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0467"
    },
    {
      "name": "CVE-2007-0463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0463"
    },
    {
      "name": "CVE-2006-6097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6097"
    },
    {
      "name": "CVE-2007-0723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0723"
    }
  ],
  "initial_release_date": "2007-03-14T00:00:00",
  "last_revision_date": "2007-03-14T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 12 mars 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    }
  ],
  "reference": "CERTA-2007-AVI-124",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-03-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent MacOS X. Les plus graves permettent \u00e0\nune personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans MacOS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 2007-003 de MacOS X",
      "url": null
    }
  ]
}

fkie_cve-2007-0299

Vulnerability from fkie_nvd

Published

2007-01-17 11:28

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=305214
cve@mitre.org	http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
cve@mitre.org	http://projects.info-pull.com/moab/MOAB-11-01-2007.html	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/23725	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/24479	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/515792	US Government Resource
cve@mitre.org	http://www.osvdb.org/31653
cve@mitre.org	http://www.securitytracker.com/id?1017751
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-072A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0930
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=305214
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://projects.info-pull.com/moab/MOAB-11-01-2007.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23725	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24479	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/515792	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/31653
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017751
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-072A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0930

Impacted products

	Vendor	Product	Version
	apple	mac_os_x	10.4.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n byte_swap_sbin de bsd/ufs/ufs/ufs_byte_order.c en Mac OS X 10.4.8 permite a atacantes remotos con la complicidad del usuario provocar una denegaci\u00f3n de servicio (kernel panic) montando una imagen DMG artesanal del sistema de ficheros Unix (UFS), lo cual provoca una referencia de puntero inv\u00e1lida."
    }
  ],
  "id": "CVE-2007-0299",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-01-17T11:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23725"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/515792"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/31653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017751"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/515792"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/31653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-200701-0156

Vulnerability from variot

Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference. Apple's UserNotificationCenter contains a vulnerability that may allow local users to gain elevated privileges. Apple Mac OS X Finder fails to properly handle DMG files with large volume names, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. A vulnerability in the way Apple iChat handles specially crafted TXT key hashes could lead to denial of service. Mac OS X is prone to a denial-of-service vulnerability. This triggers an invalid null pointer dereference.

Secunia is proud to announce the availability of the Secunia Software Inspector.

The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.

Try it out online: http://secunia.com/software_inspector/

TITLE: Mac OS X Security Update Fixes Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA24198

VERIFY ADVISORY: http://secunia.com/advisories/24198/

CRITICAL: Highly critical

IMPACT: Privilege escalation, DoS, System access

WHERE:

From remote

OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/

DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

1) A boundary error exists in Finder, which can be exploited by malicious people to cause a buffer overflow by tricking a user to mount a malicious disk image.

2) A null-pointer dereference error in iChat Bonjour can be exploited by malicious people to cause the application to crash.

3) A format string error in the handling of AIM URLs in iChat can be exploited by malicious people to possibly execute arbitrary code.

Successful exploitation requires that a user is tricked into accessing a specially crafted AIM URL.

For more information: SA23846

SOLUTION: Apply Security Update 2007-002:

Security Update 2007-002 (10.4.8 Universal): http://www.apple.com/support/downloads/securityupdate2007002universal.html

Security Update 2007-002 (10.4.8 PPC): http://www.apple.com/support/downloads/securityupdate2007002ppc.html

Security Update 2007-002 (10.3.9 Panther): http://www.apple.com/support/downloads/securityupdate2007002panther.html

PROVIDED AND/OR DISCOVERED BY: 1) Kevin Finisterre, DigitalMunition 3) LMH

ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=305102

OTHER REFERENCES: MOAB: 1) http://projects.info-pull.com/moab/MOAB-09-01-2007.html 3) http://projects.info-pull.com/moab/MOAB-20-01-2007.html

SA23846: http://secunia.com/advisories/23846/

SA23945: http://secunia.com/advisories/23945/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200701-0156",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": null,
        "trust": 4.0,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "apple",
        "version": "10.4.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.8"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "db": "BID",
        "id": "86767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "86767"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2007-0299",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2007-0299",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-23661",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-0299",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#315856",
            "trust": 0.8,
            "value": "1.49"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#515792",
            "trust": 0.8,
            "value": "7.01"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#240880",
            "trust": 0.8,
            "value": "10.29"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#794752",
            "trust": 0.8,
            "value": "11.85"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#836024",
            "trust": 0.8,
            "value": "2.48"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-0299",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200701-288",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-23661",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "db": "VULHUB",
        "id": "VHN-23661"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference. Apple\u0027s UserNotificationCenter contains a vulnerability that may allow local users to gain elevated privileges. Apple Mac OS X Finder fails to properly handle DMG files with large volume names, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. A vulnerability in the way Apple iChat handles specially crafted TXT key hashes could lead to denial of service. Mac OS X is prone to a denial-of-service vulnerability. This triggers an invalid null pointer dereference. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. \n\nTry it out online:\nhttp://secunia.com/software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nMac OS X Security Update Fixes Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA24198\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24198/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nPrivilege escalation, DoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) A boundary error exists in Finder, which can be exploited by\nmalicious people to cause a buffer overflow by tricking a user to\nmount a malicious disk image. \n\n2) A null-pointer dereference error in iChat Bonjour can be exploited\nby malicious people to cause the application to crash. \n\n3) A format string error in the handling of AIM URLs in iChat can be\nexploited by malicious people to possibly execute arbitrary code. \n\nSuccessful exploitation requires that a user is tricked into\naccessing a specially crafted AIM URL. \n\nFor more information:\nSA23846\n\nSOLUTION:\nApply Security Update 2007-002:\n\nSecurity Update 2007-002 (10.4.8 Universal):\nhttp://www.apple.com/support/downloads/securityupdate2007002universal.html\n\nSecurity Update 2007-002 (10.4.8 PPC):\nhttp://www.apple.com/support/downloads/securityupdate2007002ppc.html\n\nSecurity Update 2007-002 (10.3.9 Panther):\nhttp://www.apple.com/support/downloads/securityupdate2007002panther.html\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Kevin Finisterre, DigitalMunition\n3) LMH\n\nORIGINAL ADVISORY:\nApple:\nhttp://docs.info.apple.com/article.html?artnum=305102\n\nOTHER REFERENCES:\nMOAB:\n1) http://projects.info-pull.com/moab/MOAB-09-01-2007.html\n3) http://projects.info-pull.com/moab/MOAB-20-01-2007.html\n\nSA23846:\nhttp://secunia.com/advisories/23846/\n\nSA23945:\nhttp://secunia.com/advisories/23945/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-0299"
      },
      {
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "db": "BID",
        "id": "86767"
      },
      {
        "db": "VULHUB",
        "id": "VHN-23661"
      },
      {
        "db": "PACKETSTORM",
        "id": "54480"
      }
    ],
    "trust": 5.67
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "24198",
        "trust": 3.3
      },
      {
        "db": "CERT/CC",
        "id": "VU#515792",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2007-0299",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "24479",
        "trust": 2.5
      },
      {
        "db": "SECUNIA",
        "id": "23725",
        "trust": 2.5
      },
      {
        "db": "USCERT",
        "id": "TA07-072A",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1017751",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "31653",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-0930",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "21980",
        "trust": 1.6
      },
      {
        "db": "SECTRACK",
        "id": "1017661",
        "trust": 1.6
      },
      {
        "db": "SECUNIA",
        "id": "23846",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "22188",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#315856",
        "trust": 0.8
      },
      {
        "db": "SECTRACK",
        "id": "1017662",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#240880",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "22146",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#794752",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "23945",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "22304",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#836024",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288",
        "trust": 0.7
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2007-03-13",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "TA07-072A",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "86767",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-23661",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "54480",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "db": "VULHUB",
        "id": "VHN-23661"
      },
      {
        "db": "BID",
        "id": "86767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "db": "PACKETSTORM",
        "id": "54480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "id": "VAR-200701-0156",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-23661"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-29T20:34:28.479000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2007-03-13",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.3,
        "url": "http://docs.info.apple.com/article.html?artnum=305102"
      },
      {
        "trust": 3.3,
        "url": "http://secunia.com/advisories/24198/"
      },
      {
        "trust": 2.8,
        "url": "http://projects.info-pull.com/moab/moab-11-01-2007.html"
      },
      {
        "trust": 2.8,
        "url": "http://docs.info.apple.com/article.html?artnum=305214"
      },
      {
        "trust": 2.0,
        "url": "http://lists.apple.com/archives/security-announce/2007/mar/msg00002.html"
      },
      {
        "trust": 2.0,
        "url": "http://www.us-cert.gov/cas/techalerts/ta07-072a.html"
      },
      {
        "trust": 2.0,
        "url": "http://www.kb.cert.org/vuls/id/515792"
      },
      {
        "trust": 2.0,
        "url": "http://www.securitytracker.com/id?1017751"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/31653"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/23725"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/24479"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/21980"
      },
      {
        "trust": 1.6,
        "url": "http://securitytracker.com/alerts/2007/feb/1017661.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/0930"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/23846/"
      },
      {
        "trust": 0.9,
        "url": "http://projects.info-pull.com/moab/moab-09-01-2007.html"
      },
      {
        "trust": 0.9,
        "url": "http://projects.info-pull.com/moab/moab-20-01-2007.html"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/23945/"
      },
      {
        "trust": 0.8,
        "url": "http://developer.apple.com/documentation/corefoundation/reference/cfusernotificationref/reference/reference.html"
      },
      {
        "trust": 0.8,
        "url": "http://projects.info-pull.com/moab/moab-22-01-2007.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.cocoadev.com/index.pl?inputmanager"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/22188"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/23725/"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/24479/"
      },
      {
        "trust": 0.8,
        "url": "http://securitytracker.com/alerts/2007/feb/1017662.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/22146"
      },
      {
        "trust": 0.8,
        "url": "http://projects.info-pull.com/moab/moab-29-01-2007.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.apple.com/macosx/features/ichat/"
      },
      {
        "trust": 0.8,
        "url": "http://developer.apple.com/networking/bonjour/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/22304"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0299"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0299"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/0930"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/securityupdate2007002panther.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/securityupdate2007002ppc.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/96/"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/securityupdate2007002universal.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "db": "VULHUB",
        "id": "VHN-23661"
      },
      {
        "db": "BID",
        "id": "86767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "db": "PACKETSTORM",
        "id": "54480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "db": "VULHUB",
        "id": "VHN-23661"
      },
      {
        "db": "BID",
        "id": "86767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "db": "PACKETSTORM",
        "id": "54480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-02-19T00:00:00",
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "date": "2007-03-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "date": "2007-02-16T00:00:00",
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "date": "2007-02-16T00:00:00",
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "date": "2007-02-26T00:00:00",
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "date": "2007-01-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-23661"
      },
      {
        "date": "2007-01-17T00:00:00",
        "db": "BID",
        "id": "86767"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "date": "2007-02-17T04:12:18",
        "db": "PACKETSTORM",
        "id": "54480"
      },
      {
        "date": "2007-01-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      },
      {
        "date": "2007-01-17T11:28:00",
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-02-19T00:00:00",
        "db": "CERT/CC",
        "id": "VU#315856"
      },
      {
        "date": "2007-03-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#515792"
      },
      {
        "date": "2007-02-23T00:00:00",
        "db": "CERT/CC",
        "id": "VU#240880"
      },
      {
        "date": "2007-03-05T00:00:00",
        "db": "CERT/CC",
        "id": "VU#794752"
      },
      {
        "date": "2007-03-16T00:00:00",
        "db": "CERT/CC",
        "id": "VU#836024"
      },
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-23661"
      },
      {
        "date": "2007-01-17T00:00:00",
        "db": "BID",
        "id": "86767"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001390"
      },
      {
        "date": "2007-06-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      },
      {
        "date": "2024-11-21T00:25:31.150000",
        "db": "NVD",
        "id": "CVE-2007-0299"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS X UserNotificationCenter privilege escalation vulnerability",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#315856"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "unknown",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200701-288"
      }
    ],
    "trust": 0.6
  }
}

CERTA-2006-ALE-013

Vulnerability from certfr_alerte

Une mauvaise gestion des fichiers d'image disque (format DMG) permet à un utilisateur d'obtenir des privilèges élevés et de compromettre l'ordinateur à l'aide d'un fichier corrompu.

Description

Plusieurs vulnérabilités ont été identifiées, en relation avec le format DMG sous Apple MacOS X. Parmi celles-ci :

le mauvais traitement des fichiers corrompus d'image disque (format DMG) par la fonction com.apple.AppleDiskImageController peut provoquer un déni de service ;
Apple Finder ne manipulerait pas correctement des fichiers d'image dont le nom de volume dépasse 255 octets ;
le système de fichiers UFS aurait plusieurs fonctions vulnérables à des attaques de type débordement d'entiers (ou integer overflow) : ffs_mountfs() et byte_swap_sbin() ;
l'appel à la fonction ufs_dirbad() par ufs_lookup() pourrait provoquer, sous certaines conditions, un déni de service du système vulnérable ;
une image DMG contenant un système de fichiers UFS+ et construite de manière particulière pourrait provoquer un dysfonctionnement du système vulnérable, suite à l'appel à la fonction do_hfs_truncate().

Des codes exploitant ces vulnérabilités circulent sur Internet.

Contournement provisoire

N'autoriser l'accès au système vulnérable qu'aux personnes de confiance ;
limiter le téléchargement de fichiers DMG et en vérifier l'intégrité avant installation ;
désactiver l'option de Safari : Ouvrir automatiquement les fichiers « fiables » et les options équivalentes des autres navigateurs.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	macOS	Apple Macintosh OS X

References

Title

Publication Time

Tags

Avis Secunia SA23012	None	vendor-advisory
Référence CVE CVE-2006-5482 :	-	other
Référence CVE CVE-2006-5679 :	-	other
Référence CVE CVE-2007-0197 :	-	other
Bulletin de sécurité Secunia du 21 novembre 2006 :	-	other
Référence CVE CVE-2007-0267 :	-	other
Référence CVE CVE-2007-0299 :	-	other
Mise à jour de sécurité Apple 2007-002 du 15 février 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple Macintosh OS X",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2007-02-14",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es, en relation avec le format\nDMG sous Apple MacOS X. Parmi celles-ci :\n\n-   le mauvais traitement des fichiers corrompus d\u0027image disque (format\n    DMG) par la fonction com.apple.AppleDiskImageController peut\n    provoquer un d\u00e9ni de service ;\n-   Apple Finder ne manipulerait pas correctement des fichiers d\u0027image\n    dont le nom de volume d\u00e9passe 255 octets ;\n-   le syst\u00e8me de fichiers UFS aurait plusieurs fonctions vuln\u00e9rables \u00e0\n    des attaques de type d\u00e9bordement d\u0027entiers (ou integer overflow) :\n    ffs_mountfs() et byte_swap_sbin() ;\n-   l\u0027appel \u00e0 la fonction ufs_dirbad() par ufs_lookup() pourrait\n    provoquer, sous certaines conditions, un d\u00e9ni de service du syst\u00e8me\n    vuln\u00e9rable ;\n-   une image DMG contenant un syst\u00e8me de fichiers UFS+ et construite de\n    mani\u00e8re particuli\u00e8re pourrait provoquer un dysfonctionnement du\n    syst\u00e8me vuln\u00e9rable, suite \u00e0 l\u0027appel \u00e0 la fonction do_hfs_truncate().\n\n  \n  \n\nDes codes exploitant ces vuln\u00e9rabilit\u00e9s circulent sur Internet.\n\n## Contournement provisoire\n\n-   N\u0027autoriser l\u0027acc\u00e8s au syst\u00e8me vuln\u00e9rable qu\u0027aux personnes de\n    confiance ;\n-   limiter le t\u00e9l\u00e9chargement de fichiers DMG et en v\u00e9rifier l\u0027int\u00e9grit\u00e9\n    avant installation ;\n-   d\u00e9sactiver l\u0027option de Safari : Ouvrir automatiquement les fichiers\n    \u00ab fiables \u00bb et les options \u00e9quivalentes des autres navigateurs.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-0197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0197"
    },
    {
      "name": "CVE-2006-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5679"
    },
    {
      "name": "CVE-2007-0267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0267"
    },
    {
      "name": "CVE-2006-5482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5482"
    },
    {
      "name": "CVE-2007-0299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0299"
    }
  ],
  "initial_release_date": "2006-11-23T00:00:00",
  "last_revision_date": "2007-02-16T00:00:00",
  "links": [
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2006-5482 :",
      "url": "http://www.cve-mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5482"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2006-5679 :",
      "url": "http://www.cve-mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5679"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2007-0197 :",
      "url": "http://www.cve-mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0197"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Secunia du 21 novembre 2006 :",
      "url": "http://secunia.com/advisories/23012"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2007-0267 :",
      "url": "http://www.cve-mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0267"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2007-0299 :",
      "url": "http://www.cve-mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0299"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Apple 2007-002 du 15 f\u00e9vrier 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=305102"
    }
  ],
  "reference": "CERTA-2006-ALE-013",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-11-23T00:00:00.000000"
    },
    {
      "description": "ajout de nouvelles vuln\u00e9rabilit\u00e9s et r\u00e9f\u00e9rences.",
      "revision_date": "2007-01-22T00:00:00.000000"
    },
    {
      "description": "ajout de la mise \u00e0 jour Apple.",
      "revision_date": "2007-02-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une mauvaise gestion des fichiers d\u0027image disque (format DMG) permet \u00e0\nun utilisateur d\u0027obtenir des privil\u00e8ges \u00e9lev\u00e9s et de compromettre\nl\u0027ordinateur \u00e0 l\u0027aide d\u0027un fichier corrompu.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de MacOS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis Secunia SA23012",
      "url": null
    }
  ]
}

gsd-2007-0299

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-0299

Aliases

CVE-2007-0299

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-0299",
    "description": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference.",
    "id": "GSD-2007-0299"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-0299"
      ],
      "details": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference.",
      "id": "GSD-2007-0299",
      "modified": "2023-12-13T01:21:35.649564Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-0299",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "31653",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/31653"
          },
          {
            "name": "TA07-072A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
          },
          {
            "name": "APPLE-SA-2007-03-13",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=305214",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=305214"
          },
          {
            "name": "1017751",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1017751"
          },
          {
            "name": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html",
            "refsource": "MISC",
            "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
          },
          {
            "name": "VU#515792",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/515792"
          },
          {
            "name": "ADV-2007-0930",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/0930"
          },
          {
            "name": "23725",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23725"
          },
          {
            "name": "24479",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/24479"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0299"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
            },
            {
              "name": "23725",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/23725"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305214",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=305214"
            },
            {
              "name": "VU#515792",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/515792"
            },
            {
              "name": "31653",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/31653"
            },
            {
              "name": "1017751",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1017751"
            },
            {
              "name": "24479",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24479"
            },
            {
              "name": "APPLE-SA-2007-03-13",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
            },
            {
              "name": "TA07-072A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
            },
            {
              "name": "ADV-2007-0930",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0930"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-03-08T02:49Z",
      "publishedDate": "2007-01-17T11:28Z"
    }
  }
}

ghsa-8gg5-gxpc-4xhv

Vulnerability from github

Published

2022-05-01 17:42

Modified

2022-05-01 17:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-0299"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-01-17T11:28:00Z",
    "severity": "HIGH"
  },
  "details": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference.",
  "id": "GHSA-8gg5-gxpc-4xhv",
  "modified": "2022-05-01T17:42:58Z",
  "published": "2022-05-01T17:42:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0299"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23725"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/515792"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/31653"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1017751"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-0299 (GCVE-0-2007-0299)

Vulnerability from cvelistv5

CERTA-2007-AVI-124

Vulnerability from certfr_avis

Description

Solution

fkie_cve-2007-0299

Vulnerability from fkie_nvd

var-200701-0156

Vulnerability from variot

CERTA-2006-ALE-013

Vulnerability from certfr_alerte

Description

Contournement provisoire

Solution

gsd-2007-0299

Vulnerability from gsd

ghsa-8gg5-gxpc-4xhv

Vulnerability from github

Tags

Sightings

Nomenclature