Lucene search

[email protected]CVE-2008-0054

HistoryMar 18, 2008 - 11:44 p.m.

CVE-2008-0054

2008-03-1823:44:00

CWE-20

[email protected]

web.nvd.nist.gov

foundation vulnerability

apple

mac os x

arbitrary code execution

nsselectorfromstring api

cve-2008-0054

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

JSON

Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an “unexpected selector” to be used.

Affected configurations

NVD

Node

applemac_os_xMatch10.4.11

applemac_os_x_serverMatch10.4.11

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.4.11
apple:mac_os_x_serverapple mac os x servereq10.4.11

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.4.11
apple:mac_os_x_server	apple mac os x server	eq	10.4.11

References

docs.info.apple.com/article.html?artnum=307562

lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

secunia.com/advisories/29420

www.securityfocus.com/bid/28304

www.securityfocus.com/bid/28341

www.securitytracker.com/id?1019649

www.us-cert.gov/cas/techalerts/TA08-079A.html

www.vupen.com/english/advisories/2008/0924/references

exchange.xforce.ibmcloud.com/vulnerabilities/41355

Social References

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

9 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.8%

JSON

Related for CVE-2008-0054

nvd1 cvelist1 prion1 seebug1 nessus1