Lucene search

[email protected]CVE-2007-0465

HistoryJan 31, 2007 - 1:28 a.m.

CVE-2007-0465

2007-01-3101:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2007

0465

format string vulnerability

apple installer

mac os x

remote code execution

nvd

7.4 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.928 High

EPSS

Percentile

99.0%

JSON

Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.

CPENameOperatorVersion
apple:installerapple installereq2.1.5
apple:mac_os_xapple mac os xeq10.4.8

CPE	Name	Operator	Version
apple:installer	apple installer	eq	2.1.5
apple:mac_os_x	apple mac os x	eq	10.4.8

References

docs.info.apple.com/article.html?artnum=305391

lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

projects.info-pull.com/moab/MOAB-26-01-2007.html

secunia.com/advisories/24966

www.osvdb.org/32705

www.securityfocus.com/bid/22272

www.securitytracker.com/id?1017940

www.us-cert.gov/cas/techalerts/TA07-109A.html

www.vupen.com/english/advisories/2007/1470

exchange.xforce.ibmcloud.com/vulnerabilities/31883

7.4 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.928 High

EPSS

Percentile

99.0%

JSON

Related for CVE-2007-0465

checkpoint_advisories1 prion1 securityvulns1 nessus1