ID CVE-2006-0392 Type cve Reporter NVD Modified 2017-07-19T21:29:43
Description
Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image.
{"osvdb": [{"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "description": "## Vulnerability Description\nA local overflow exists in Mac OS X. The image handling code fails to validate Canon RAW files resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch (Security Update 2006-004) to address this vulnerability.\n## Short Description\nA local overflow exists in Mac OS X. The image handling code fails to validate Canon RAW files resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://docs.info.apple.com/article.html?artnum=304063)\n[Secunia Advisory ID:21253](https://secuniaresearch.flexerasoftware.com/advisories/21253/)\n[Related OSVDB ID: 27730](https://vulners.com/osvdb/OSVDB:27730)\n[Related OSVDB ID: 27731](https://vulners.com/osvdb/OSVDB:27731)\n[Related OSVDB ID: 27734](https://vulners.com/osvdb/OSVDB:27734)\n[Related OSVDB ID: 27735](https://vulners.com/osvdb/OSVDB:27735)\n[Related OSVDB ID: 27736](https://vulners.com/osvdb/OSVDB:27736)\n[Related OSVDB ID: 27741](https://vulners.com/osvdb/OSVDB:27741)\n[Related OSVDB ID: 27732](https://vulners.com/osvdb/OSVDB:27732)\n[Related OSVDB ID: 27733](https://vulners.com/osvdb/OSVDB:27733)\n[Related OSVDB ID: 27737](https://vulners.com/osvdb/OSVDB:27737)\n[Related OSVDB ID: 27740](https://vulners.com/osvdb/OSVDB:27740)\n[Related OSVDB ID: 27738](https://vulners.com/osvdb/OSVDB:27738)\n[Related OSVDB ID: 27742](https://vulners.com/osvdb/OSVDB:27742)\n[Related OSVDB ID: 27743](https://vulners.com/osvdb/OSVDB:27743)\n[Related OSVDB ID: 27744](https://vulners.com/osvdb/OSVDB:27744)\n[Related OSVDB ID: 27745](https://vulners.com/osvdb/OSVDB:27745)\n[CVE-2006-0392](https://vulners.com/cve/CVE-2006-0392)\nCERT VU: 527236\n", "modified": "2006-07-14T08:04:30", "published": "2006-07-14T08:04:30", "href": "https://vulners.com/osvdb/OSVDB:27739", "id": "OSVDB:27739", "title": "Mac OS X Image RAW Canon RAW Image Processing Overflow", "type": "osvdb", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2018-12-25T20:19:15", "bulletinFamily": "info", "description": "### Overview \n\nThe Apple Mac OS X ImageIO framework contains a buffer overflow that may allow a remote attacker to execute arbitrary code on an affected system.\n\n### Description \n\nRAW image files provide access to image information directly from a camera's sensor prior to in-camera processing, retaining the maximum amount of image data. This allows for subsequent processing of the information using a raw conversion application such as Aperture and iPhoto. \n\nApple's ImageIO is an image processing framework that was introduced in Mac OS X 10.4 (Tiger). It includes the ability to process images in a number of different formats, including RAW image files. ImageIO contains an unspecified buffer overflow in the handling of Canon RAW image files. \n \n--- \n \n### Impact \n\nBy convincing a user to view a specially crafted Canon RAW image file, an attacker could execute arbitrary code with the privileges of the user. The attacker could also cause the application using the ImageIO library to crash. Any application which uses ImageIO may be vulnerable. \n \n--- \n \n### Solution \n\n**Update** \n \nApply the [update](<http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html>) provided by Apple. Refer to [Apple Security Update 2004-004](<http://docs.info.apple.com/article.html?artnum=304063>) for more information. \n \n--- \n \n### Vendor Information\n\n527236\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Apple Computer, Inc. \n\nNotified: August 02, 2006 Updated: August 04, 2006 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nApply the [update](<http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html>) provided by Apple. Refer to [Apple Security Update 2004-004](<http://docs.info.apple.com/article.html?artnum=304063>) for more information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23527236 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://docs.info.apple.com/article.html?artnum=304063>\n * <http://secunia.com/advisories/21253/>\n\n### Credit\n\nThanks to Apple Product Security for reporting this vulnerability. \n\nThis document was written by Joseph Pruszynski. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-0392](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0392>) \n---|--- \n**Severity Metric:****** | 7.43 \n**Date Public:** | 2006-08-01 \n**Date First Published:** | 2006-08-04 \n**Date Last Updated: ** | 2006-08-04 20:44 UTC \n**Document Revision: ** | 51 \n", "modified": "2006-08-04T20:44:00", "published": "2006-08-04T00:00:00", "id": "VU:527236", "href": "https://www.kb.cert.org/vuls/id/527236", "type": "cert", "title": "Apple Mac OS X Image RAW vulnerable to buffer overflow via specially crafted Canon RAW image", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T22:22:28", "bulletinFamily": "exploit", "description": "Apple Mac OS X\u662f\u82f9\u679c\u5bb6\u65cf\u673a\u5668\u6240\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u6700\u65b0\u7684Mac OS X\u66f4\u65b0\u4fee\u590d\u4e86\u591a\u4e2a\u6f0f\u6d1e\uff0c\u5177\u4f53\u5982\u4e0b\uff1a\r\n\r\nCVE-2006-1472\r\n\r\nAFP Server\u4e2d\u7684\u6f0f\u6d1e\u5141\u8bb8\u5728\u641c\u7d22\u7ed3\u679c\u4e2d\u5305\u542b\u6267\u884c\u641c\u7d22\u7528\u6237\u65e0\u6743\u8bbf\u95ee\u7684\u6587\u4ef6\u548c\u6587\u4ef6\u5939\u3002\u5982\u679c\u6587\u4ef6\u540d\u672c\u8eab\u5c31\u662f\u654f\u611f\u4fe1\u606f\u7684\u8bdd\uff0c\u5c31\u53ef\u80fd\u5bfc\u81f4\u4fe1\u606f\u6cc4\u9732\uff1b\u5982\u679c\u6743\u9650\u5141\u8bb8\u7684\u8bdd\uff0c\u653b\u51fb\u8005\u8fd8\u53ef\u4ee5\u8bbf\u95ee\u6587\u4ef6\u5185\u5bb9\u3002\r\n\r\nCVE-2006-1473\r\n\r\n\u5df2\u8ba4\u8bc1\u7528\u6237\u53ef\u4ee5\u89e6\u53d1AFP Server\u4e2d\u7684\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002AFP Server\u5728Mac OS X\u4e2d\u4e0d\u662f\u9ed8\u8ba4\u542f\u7528\u7684\u3002\r\n\r\nCVE-2006-3495\r\n\r\n\u5728Mac OS X Server\u4e0a\uff0cAFP Server\u652f\u6301\u5728\u7f51\u7edc\u65ad\u5f00\u540e\u91cd\u65b0\u8fde\u63a5\u6587\u4ef6\u5171\u4eab\u4f1a\u8bdd\u3002\u91cd\u65b0\u8fde\u63a5\u5bc6\u94a5\u7684\u5b58\u50a8\u662f\u5b8c\u5168\u53ef\u8bfb\u7684\uff0c\u56e0\u6b64\u901a\u8fc7\u8ba4\u8bc1\u7684\u672c\u5730\u7528\u6237\u5c31\u53ef\u4ee5\u8bfb\u53d6\u8be5\u5bc6\u94a5\uff0c\u626e\u6f14\u4e3aAFP\u4e0a\u7684\u5176\u4ed6\u7528\u6237\uff0c\u5e76\u4ee5\u6240\u626e\u6f14\u7528\u6237\u7684\u6743\u9650\u8bbf\u95ee\u6587\u4ef6\u6216\u6587\u4ef6\u5939\u3002\r\n\r\nCVE-2006-3496\r\n\r\n\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u7279\u5236\u7684\u65e0\u6548AFP\u8bf7\u6c42\u89e6\u53d1AFP Server\u4e2d\u7684\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\nCVE-2006-3497\r\n\r\nBom\u7684\u538b\u7f29\u72b6\u6001\u5904\u7406\u53ef\u80fd\u5bfc\u81f4\u5806\u7834\u574f\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u521b\u5efa\u7279\u5236\u7684Zip\u6587\u6863\u5e76\u8bf1\u9a97\u7528\u6237\u6253\u5f00\u6765\u89e6\u53d1\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2006-3498\r\n\r\nbootpd\u7684\u8bf7\u6c42\u5904\u7406\u4e2d\u5b58\u5728\u6808\u6ea2\u51fa\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u7279\u5236\u7684BOOTP\u8bf7\u6c42\u89e6\u53d1\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u5bfc\u81f4\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002bootpd\u5728Mac OS X\u4e0a\u4e0d\u662f\u9ed8\u8ba4\u542f\u7528\u7684\uff0c\u5fc5\u987b\u624b\u52a8\u914d\u7f6e\u3002\r\n\r\nCVE-2006-3499\r\n\r\n\u6076\u610f\u7684\u672c\u5730\u7528\u6237\u53ef\u4ee5\u6307\u5b9a\u52a8\u6001\u8fde\u63a5\u5668\u9009\u9879\uff0c\u5bfc\u81f4\u6807\u51c6\u9519\u8bef\u8f93\u51fa\u3002\u8fd9\u79cd\u8f93\u51fa\u5305\u542b\u6709\u654f\u611f\u5185\u5bb9\u6216\u7528\u6237\u6307\u5b9a\u7684\u5185\u5bb9\uff0c\u56e0\u6b64\u89e3\u6790\u6216\u91cd\u65b0\u4f7f\u7528\u6807\u51c6\u9519\u8bef\u7684\u7279\u6743\u5e94\u7528\u7a0b\u5e8f\u53ef\u80fd\u53d7\u5230\u4e0d\u826f\u7684\u5f71\u54cd\u3002\r\n\r\nCVE-2006-3500\r\n\r\n\u5728\u641c\u7d22\u52a0\u8f7d\u5230\u7279\u6743\u5e94\u7528\u7a0b\u5e8f\u7684\u51fd\u6570\u5e93\u65f6\u6ca1\u6709\u6b63\u786e\u7684\u5904\u7406\u52a8\u6001\u8fde\u63a5\u5668\uff0c\u53ef\u80fd\u5bfc\u81f4\u5305\u542b\u5371\u9669\u7684\u8def\u5f84\uff0c\u8fd9\u6837\u6076\u610f\u7684\u672c\u5730\u7528\u6237\u5c31\u53ef\u4ee5\u5bfc\u81f4\u52a0\u8f7d\u52a8\u6001\u8fde\u63a5\u5668\uff0c\u4ee5\u63d0\u5347\u7684\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2006-0392\r\n\r\n\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u7279\u5236\u7684Canon RAW\u56fe\u5f62\u89e6\u53d1\u6ea2\u51fa\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2006-3501\r\n\r\n\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u7279\u5236\u7684Radiance\u56fe\u5f62\u89e6\u53d1\u6574\u6570\u6ea2\u51fa\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2006-3502\r\n\r\n\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u7279\u5236\u7684GIF\u56fe\u5f62\u89e6\u53d1\u5185\u5b58\u5206\u914d\u5931\u8d25\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2006-3503\r\n\r\n\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u7279\u5236\u7684GIF\u56fe\u5f62\u89e6\u53d1\u6574\u6570\u6ea2\u51fa\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2006-3504\r\n\r\n\u4e0b\u8f7d\u9a8c\u8bc1\u53ef\u80fd\u5c06\u67d0\u4e9b\u5305\u542b\u6709HTML\u7684\u6587\u4ef6\u9519\u8bef\u7684\u8bc6\u522b\u4e3a\u201c\u5b89\u5168\u201d\u3002\u5982\u679c\u5728Safari\u4e2d\u4e0b\u8f7d\u4e86\u8fd9\u6837\u7684\u6587\u4ef6\u4e14Safari\u7684\u201c\u4e0b\u8f7d\u540e\u6253\u5f00\u5b89\u5168\u7684\u6587\u4ef6\u201d\u9009\u9879\u5df2\u542f\u7528\uff0c\u5219\u5c31\u4f1a\u4ece\u672c\u5730URI\u81ea\u52a8\u6253\u5f00HTML\u6587\u6863\uff0c\u5141\u8bb8\u6587\u6863\u4e2d\u5d4c\u5165\u7684JavaScript\u4ee3\u7801\u7ed5\u8fc7\u8bbf\u95ee\u9650\u5236\u3002\r\n\r\nCVE-2006-0393\r\n\r\n\u5982\u679c\u4f7f\u7528\u4e0d\u5b58\u5728\u7684\u5e10\u53f7\u8bd5\u56fe\u767b\u5f55\u5230OpenSSH Server\u7684\u8bdd\u5c31\u4f1a\u5bfc\u81f4\u8ba4\u8bc1\u8fdb\u7a0b\u6302\u8d77\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u79cd\u884c\u4e3a\u68c0\u6d4b\u662f\u5426\u5b58\u5728\u7279\u5b9a\u7684\u5e10\u53f7\uff0c\u5927\u91cf\u7684\u5c1d\u8bd5\u8fd8\u53ef\u4ee5\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\nCVE-2006-3505\r\n\r\n\u7279\u5236\u7684HTML\u6587\u6863\u53ef\u80fd\u5bfc\u81f4\u8bbf\u95ee\u4e4b\u524d\u5df2\u89e3\u9664\u5206\u914d\u7684\u5bf9\u8c61\uff0c\u9020\u6210\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\n\u6b64\u5916\uff0c\u8fd9\u4e2a\u66f4\u65b0\u8fd8\u4fee\u590d\u4e86\u5176\u4ed6\u4e00\u4e9b\u7b2c\u4e09\u65b9\u4ea7\u54c1\u4e2d\u7684\u591a\u4e2a\u6f0f\u6d1e\u3002\r\n\n\nApple Mac OS X 10.4.7\r\nApple Mac OS X 10.3.9\r\nApple MacOS X Server 10.4.7\r\nApple MacOS X Server 10.3.9\n \u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nApple Mac OS X Server 10.3.9\r\n\r\n<a href=\"http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=11231&cat=1&platform=osx&method=sa/SecUpdSrvr2006-004Pan.dmg\" target=\"_blank\">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=11231&cat=1&platform=osx&method=sa/SecUpdSrvr2006-004Pan.dmg</a>\r\n\r\nApple Mac OS X 10.3.9\r\n\r\n<a href=\"http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=11230&cat=1&platform=osx&method=sa/SecUpd2006-004Pan.dmg\" target=\"_blank\">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=11230&cat=1&platform=osx&method=sa/SecUpd2006-004Pan.dmg</a>\r\n\r\nApple Mac OS X 10.4.7\r\n\r\n<a href=\"http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=11232&cat=1&platform=osx&method=sa/SecUpd2006-004Intel.dmg\" target=\"_blank\">http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=11232&cat=1&platform=osx&method=sa/SecUpd2006-004Intel.dmg</a>", "modified": "2006-11-04T00:00:00", "published": "2006-11-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-396", "id": "SSV:396", "type": "seebug", "title": "Apple Mac OS X\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-01-16T20:06:46", "bulletinFamily": "scanner", "description": "The remote host is running Apple Mac OS X, but lacks\nSecurity Update 2006-004.\n\nThis security update contains fixes for the following\napplications :\n\nAFP Server\nBluetooth\nBom\nDHCP\ndyld\nfetchmail\ngnuzip\nImageIO\nLaunchServices\nOpenSSH\ntelnet\nWebKit", "modified": "2018-07-14T00:00:00", "published": "2006-08-01T00:00:00", "id": "MACOSX_SECUPD2006-004.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=22125", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2006-004)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22125);\n script_version(\"1.23\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2005-0488\", \"CVE-2005-0988\", \"CVE-2005-1228\", \"CVE-2005-2335\", \"CVE-2005-3088\",\n \"CVE-2005-4348\", \"CVE-2006-0321\", \"CVE-2006-0392\", \"CVE-2006-0393\", \"CVE-2006-1472\",\n \"CVE-2006-1473\", \"CVE-2006-3459\", \"CVE-2006-3461\", \"CVE-2006-3462\", \"CVE-2006-3465\",\n \"CVE-2006-3495\", \"CVE-2006-3496\", \"CVE-2006-3497\", \"CVE-2006-3498\", \"CVE-2006-3499\",\n \"CVE-2006-3500\", \"CVE-2006-3501\", \"CVE-2006-3502\", \"CVE-2006-3503\", \"CVE-2006-3504\",\n \"CVE-2006-3505\");\n script_bugtraq_id(19289);\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2006-004)\");\n script_summary(english:\"Check for Security Update 2006-004\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote operating system is missing a vendor-supplied patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Apple Mac OS X, but lacks\nSecurity Update 2006-004.\n\nThis security update contains fixes for the following\napplications :\n\nAFP Server\nBluetooth\nBom\nDHCP\ndyld\nfetchmail\ngnuzip\nImageIO\nLaunchServices\nOpenSSH\ntelnet\nWebKit\");\n # http://web.archive.org/web/20070728033955/http://docs.info.apple.com/article.html?artnum=304063\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6e97e41a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Mac OS X 10.4 :\n\nhttp://www.apple.com/support/downloads/securityupdate2006004macosx1047clientintel.html\nhttp://www.apple.com/support/downloads/securityupdate2006004macosx1047clientppc.html\n\nMac OS X 10.3 :\n\nhttp://www.apple.com/support/downloads/securityupdate20060041039client.html\nhttp://www.apple.com/support/downloads/securityupdate20060041039server.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apple iOS MobileMail LibTIFF Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\");\n exit(0);\n}\n\npackages = get_kb_item(\"Host/MacOSX/packages\");\nif ( ! packages ) exit(0);\n\n\nuname = get_kb_item(\"Host/uname\");\nif ( egrep(pattern:\"Darwin.* (7\\.[0-9]\\.|8\\.[0-7]\\.)\", string:uname) )\n{\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2006-00[467]|2007-00[38])\", string:packages)) security_hole(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}