Lucene search

[email protected]CVE-2006-6353

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2006-6353

2022-10-0316:21:22

[email protected]

web.nvd.nist.gov

cve-2006-6353

mac os x

bomarchivehelper

denial of service

remote attackers

application crash

isec partners filep fuzzer

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

53.5%

JSON

Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the “iSec Partners FileP fuzzer”.

Affected configurations

NVD

Node

applebomarchivehelper

Node

applemac_os_xMatch10.4.8

applemac_os_x_serverMatch10.4.8

CPENameOperatorVersion
apple:bomarchivehelperapple bomarchivehelpereq*

CPE	Name	Operator	Version
apple:bomarchivehelper	apple bomarchivehelper	eq	*

References

security-protocols.com/2006/12/04/bomarchivehelper-needs-some-lovin/

www.securityfocus.com/bid/21446

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

53.5%

JSON

Related for CVE-2006-6353

nvd1 cvelist1