Lucene search

[email protected]CVE-2008-4221

HistoryDec 17, 2008 - 1:30 a.m.

CVE-2008-4221

2008-12-1701:30:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2008-4221

libsystem

apple

mac os x

denial of service

memory corruption

application crash

arbitrary code

date string

memory allocation

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.0%

JSON

The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string, related to improper memory allocation.

Affected configurations

NVD

Node

applemac_os_xRange≤10.5.5

applemac_os_xMatch10.4.11

applemac_os_xMatch10.5

applemac_os_xMatch10.5.1

applemac_os_xMatch10.5.2

applemac_os_xMatch10.5.3

applemac_os_xMatch10.5.4

applemac_os_x_serverRange≤10.5.5

applemac_os_x_serverMatch10.4.11

applemac_os_x_serverMatch10.5

applemac_os_x_serverMatch10.5.1

applemac_os_x_serverMatch10.5.2

applemac_os_x_serverMatch10.5.3

applemac_os_x_serverMatch10.5.4

CPENameOperatorVersion
apple:mac_os_xapple mac os xle10.5.5
apple:mac_os_xapple mac os xeq10.4.11
apple:mac_os_xapple mac os xeq10.5
apple:mac_os_xapple mac os xeq10.5.1
apple:mac_os_xapple mac os xeq10.5.2
apple:mac_os_xapple mac os xeq10.5.3
apple:mac_os_xapple mac os xeq10.5.4
apple:mac_os_x_serverapple mac os x serverle10.5.5
apple:mac_os_x_serverapple mac os x servereq10.4.11
apple:mac_os_x_serverapple mac os x servereq10.5

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	le	10.5.5
apple:mac_os_x	apple mac os x	eq	10.4.11
apple:mac_os_x	apple mac os x	eq	10.5
apple:mac_os_x	apple mac os x	eq	10.5.1
apple:mac_os_x	apple mac os x	eq	10.5.2
apple:mac_os_x	apple mac os x	eq	10.5.3
apple:mac_os_x	apple mac os x	eq	10.5.4
apple:mac_os_x_server	apple mac os x server	le	10.5.5
apple:mac_os_x_server	apple mac os x server	eq	10.4.11
apple:mac_os_x_server	apple mac os x server	eq	10.5