Lucene search

[email protected]CVE-2007-0236

HistoryJan 16, 2007 - 6:28 p.m.

CVE-2007-0236

2007-01-1618:28:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-0236

apple

mac os x

vulnerability

denial of service

buffer overflow

arbitrary code execution

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.256 Low

EPSS

Percentile

96.7%

JSON

Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow.

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.4.8

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.4.8

References

docs.info.apple.com/article.html?artnum=305214

lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

projects.info-pull.com/moab/MOAB-14-01-2007.html

secunia.com/advisories/23708

secunia.com/advisories/24479

securitytracker.com/id?1017513

www.osvdb.org/32687

www.securityfocus.com/bid/22041

www.securitytracker.com/id?1017751

www.us-cert.gov/cas/techalerts/TA07-072A.html

www.vupen.com/english/advisories/2007/0191

www.vupen.com/english/advisories/2007/0930

www.exploit-db.com/exploits/3130

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.256 Low

EPSS

Percentile

96.7%

JSON

Related for CVE-2007-0236

cvelist1 securityvulns1 prion1 nessus1