Lucene search

[email protected]CVE-2007-0355

HistoryJan 19, 2007 - 1:28 a.m.

CVE-2007-0355

2007-01-1901:28:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-0355

buffer overflow

apple

slp

mac os x

privilege escalation

arbitrary code execution

nvd

7.6 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.4%

JSON

Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field.

CPENameOperatorVersion
apple:minimal_slp_service_agentapple minimal slp service agenteq10.4.11
apple:mac_os_xapple mac os xeq10.4.8

CPE	Name	Operator	Version
apple:minimal_slp_service_agent	apple minimal slp service agent	eq	10.4.11
apple:mac_os_x	apple mac os x	eq	10.4.8

References

docs.info.apple.com/article.html?artnum=307430

lists.apple.com/archives/security-announce/2008/Feb/msg00002.html

projects.info-pull.com/moab/MOAB-17-01-2007.html

secunia.com/advisories/23796

securitytracker.com/id?1017533

securitytracker.com/id?1019359

www.osvdb.org/32693

www.securityfocus.com/bid/22101

www.us-cert.gov/cas/techalerts/TA08-043B.html

www.vupen.com/english/advisories/2007/0239

exchange.xforce.ibmcloud.com/vulnerabilities/31562

www.exploit-db.com/exploits/3151

7.6 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.4%

JSON

Related for CVE-2007-0355

prion1 securityvulns2 cvelist1 openvas2 nessus2