var-200611-0487
Vulnerability from variot
com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. Service disruption (DoS) It may be in a state. Successfully exploiting this issue allows remote users to crash affected computers, denying service to legitimate users. Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected. Note: Further information from Alastair Houghton reports that this issue cannot be exploited to execute arbitrary code. See the references for details. This vulnerability is triggered if a user is tricked into loading a malicious DMG file, leading to arbitrary kernel mode code execution
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200611-0487",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "BID",
"id": "21201"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
},
{
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LMH lmh@info-pull.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
}
],
"trust": 0.6
},
"cve": "CVE-2006-6061",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-6061",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-22169",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CARNEGIE MELLON",
"id": "VU#367424",
"trust": 1.6,
"value": "15.99"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2006-6061",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2006-6061",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200611-363",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-22169",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "VULHUB",
"id": "VHN-22169"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
},
{
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. Service disruption (DoS) It may be in a state. \nSuccessfully exploiting this issue allows remote users to crash affected computers, denying service to legitimate users. \nMac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected. \nNote: Further information from Alastair Houghton reports that this issue cannot be exploited to execute arbitrary code. See the references for details. This vulnerability is triggered if a user is tricked into loading a malicious DMG file, leading to arbitrary kernel mode code execution",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6061"
},
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"db": "BID",
"id": "21201"
},
{
"db": "VULHUB",
"id": "VHN-22169"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "21201",
"trust": 4.4
},
{
"db": "NVD",
"id": "CVE-2006-6061",
"trust": 4.4
},
{
"db": "CERT/CC",
"id": "VU#367424",
"trust": 4.4
},
{
"db": "SECUNIA",
"id": "23012",
"trust": 4.1
},
{
"db": "SECUNIA",
"id": "24479",
"trust": 3.3
},
{
"db": "SECTRACK",
"id": "1017751",
"trust": 3.3
},
{
"db": "SECTRACK",
"id": "1017260",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA07-072A",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2006-4629",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0930",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "30509",
"trust": 1.7
},
{
"db": "XF",
"id": "30440",
"trust": 1.4
},
{
"db": "USCERT",
"id": "SA07-072A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000789",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200611-363",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2007-03-13",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA07-072A",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-22169",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "VULHUB",
"id": "VHN-22169"
},
{
"db": "BID",
"id": "21201"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
},
{
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"id": "VAR-200611-0487",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-22169"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T19:58:15.627000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2007-003 (10.3.9 Client)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20070031039client.html"
},
{
"title": "Security Update 2007-003 (10.3.9 Server)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20070031039server.html"
},
{
"title": "Security Update 2007-003",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=305214-en"
},
{
"title": "Security Update 2007-003",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=305214-ja"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.apple.com/jp/"
},
{
"title": "Security Update 2007-003 (10.3.9 Client)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20070031039client.html"
},
{
"title": "Security Update 2007-003 (10.3.9 Server)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20070031039server.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.1,
"url": "http://www.securityfocus.com/bid/21201"
},
{
"trust": 3.3,
"url": "http://projects.info-pull.com/mokb/mokb-20-11-2006.html"
},
{
"trust": 3.3,
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/367424"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-072a.html"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23012/"
},
{
"trust": 2.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6061"
},
{
"trust": 2.0,
"url": "http://alastairs-place.net/2006/11/dmg-vulnerability/"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2007/mar/msg00002.html"
},
{
"trust": 1.7,
"url": "http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html"
},
{
"trust": 1.7,
"url": "http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30509"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1017260"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017751"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/23012"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24479"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24479/"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/alerts/2007/mar/1017751.html"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2006/4629"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/30440"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/4629"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30440"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta07-072a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23367424/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta07-072a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-6061"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2006/nov/1017260.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa07-072a.html"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0930"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://kernelfun.blogspot.com/2006/11/mokb-20-11-2006-mac-os-x-apple-udif.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "VULHUB",
"id": "VHN-22169"
},
{
"db": "BID",
"id": "21201"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
},
{
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "VULHUB",
"id": "VHN-22169"
},
{
"db": "BID",
"id": "21201"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
},
{
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-22T00:00:00",
"db": "CERT/CC",
"id": "VU#367424"
},
{
"date": "2006-11-22T00:00:00",
"db": "CERT/CC",
"id": "VU#367424"
},
{
"date": "2006-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-22169"
},
{
"date": "2006-11-20T00:00:00",
"db": "BID",
"id": "21201"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"date": "2006-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-363"
},
{
"date": "2006-11-22T01:07:00",
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-20T00:00:00",
"db": "CERT/CC",
"id": "VU#367424"
},
{
"date": "2007-03-20T00:00:00",
"db": "CERT/CC",
"id": "VU#367424"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-22169"
},
{
"date": "2007-03-15T03:34:00",
"db": "BID",
"id": "21201"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000789"
},
{
"date": "2007-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200611-363"
},
{
"date": "2024-11-21T00:21:38.483000",
"db": "NVD",
"id": "CVE-2006-6061"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X fails to properly handle corrupted DMG image structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#367424"
},
{
"db": "CERT/CC",
"id": "VU#367424"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "21201"
},
{
"db": "CNNVD",
"id": "CNNVD-200611-363"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…