Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbKfEDB-ID:29523
HistoryJan 25, 2007 - 12:00 a.m.

Apple Mac OSX 10.4.x - Software Update Format String

2007-01-2500:00:00
kf
www.exploit-db.com
13

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/22222/info

Apple Software Update is prone to a format-string vulnerability.

This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.

A successful attack may crash the application or possibly lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the user running the application. 

$ touch %x.%x.%x.%x.%x.%x.%x.swutmp
$ open %x.%x.%x.%x.%x.%x.%x.swutmp

Related

cvelist 1
cve 1
prion 1
nvd 1
securityvulns 1
nessus 1
cvelist
cvelist
CVE-2007-0463
2007-01-29 16:00:00
cve
cve
CVE-2007-0463
2007-01-29 16:28:00
prion
prion
Format string
2007-01-29 16:28:00
nvd
nvd
CVE-2007-0463
2007-01-29 16:28:00
securityvulns
securityvulns
Apple Mac OS X Software Update / Apple Installer format string security vulnerability
2007-01-29 00:00:00
nessus
nessus
Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)
2007-03-13 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:29523
cvelist1cve1prion1nvd1securityvulns1nessus1