Mac OS X AFP Core Foundation Library CF_CHARSET_PATH Variable Overflow

2005-03-21T00:00:00
ID OSVDB:15006
Type osvdb
Reporter OSVDB
Modified 2005-03-21T00:00:00

Description

Vulnerability Description

A local overflow exists in Mac OS X. The Core Foundation Library fails to validate the CF_CHARSET_PATH environment variable resulting in a buffer overflow. With a specially crafted request greater than 1024 characters, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Short Description

A local overflow exists in Mac OS X. The Core Foundation Library fails to validate the CF_CHARSET_PATH environment variable resulting in a buffer overflow. With a specially crafted request greater than 1024 characters, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Security Tracker: 1013497 Secunia Advisory ID:14655 Other Advisory URL: http://www.idefense.com/application/poi/display?id=219&type=vulnerabilities Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-03/0362.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-03/0369.html Mail List Post: http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html CVE-2005-0716