|
|
CVE Reference: CVE-2007-0229 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-0229 |
|
|
Description: Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/31409 ST 1017751 SAID Secunia Advisory: SA23703 Secunia Advisory: SA24479 OSVDB 32684 MLIST http://lists.freebsd.org/pipermail/freebsd-security/2007-January/004218.html MISC http://projects.info-pull.com/moab/MOAB-10-01-2007.html http://applefun.blogspot.com/2007/01/moab-10-01-2007-apple-dmg-ufs.html CONFIRM http://docs.info.apple.com/article.html?artnum=305214 CERT http://www.us-cert.gov/cas/techalerts/TA07-072A.html BID 21993 APPLE http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html |
|
| Return to the previous page. |
