Secunia Logo  
 Vulnerability InformationVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Information > Secunia Advisories > CVE-2007-0229
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About


Secunia PSI WorldMap 		 
CVE Reference: CVE-2007-0229
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2007-0229

Description:
Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/31409

ST
  1017751

SAID
  Secunia Advisory: SA23703
  Secunia Advisory: SA24479

OSVDB
  32684

MLIST
  http://lists.freebsd.org/pipermail/freebsd-security/2007-January/004218.html

MISC
  http://projects.info-pull.com/moab/MOAB-10-01-2007.html
  http://applefun.blogspot.com/2007/01/moab-10-01-2007-apple-dmg-ufs.html

CONFIRM
  http://docs.info.apple.com/article.html?artnum=305214

CERT
  http://www.us-cert.gov/cas/techalerts/TA07-072A.html

BID
  21993

APPLE
  http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html


Return to the previous page.


Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009