Lucene search

MitreCVE-2006-3500

HistoryAug 03, 2006 - 1:04 a.m.

CVE-2006-3500

2006-08-0301:04:00

mitre

web.nvd.nist.gov

apple

mac os x

cve-2006-3500

dynamic linker

security vulnerability

arbitrary code execution

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.001

Percentile

38.4%

JSON

The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an “improperly handled condition” that leads to use of “dangerous paths,” probably related to an untrusted search path vulnerability.

Affected configurations

Nvd

Node

applemac_os_xMatch10.4.7

applemac_os_x_serverMatch10.4.7

VendorProductVersionCPE
applemac_os_x10.4.7cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
applemac_os_x_server10.4.7cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	mac_os_x	10.4.7	cpe:2.3:o:apple:mac_os_x:10.4.7:::::::*
apple	mac_os_x_server	10.4.7	cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*

References

lists.apple.com/archives/security-announce/2006//Aug/msg00000.html

secunia.com/advisories/21253

www.osvdb.org/27738

www.securityfocus.com/bid/19289

www.us-cert.gov/cas/techalerts/TA06-214A.html

www.vupen.com/english/advisories/2006/3101

exchange.xforce.ibmcloud.com/vulnerabilities/28141

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.001

Percentile

38.4%

JSON

Related for CVE-2006-3500