CVE-2007-0465

Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a 1 PKG, 2 DISTZ, or 3 MPKG package filename...

CVE-2007-0465

Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a 1 PKG, 2 DISTZ, or 3 MPKG package filename...

CVE-2007-0465

CVE-2007-0465 describes a format-string vulnerability in Apple’s Installer (Mac OS X 10.4.8, Apple Installer 2.1.5). The flaw arises during parsing of package filenames that can contain format specifiers in (PKG, DISTZ, MPKG) files, enabling a user-assisted remote attacker to execute arbitrary co...

MOAB-26-01-2007: Apple Installer Package Filename Format String Vulnerability

Summary Apple Installer is the application in charge of handling the installation of packages for Mac OS X, in form of pkg, distz and mpkg files. Installer fails to properly handle package filename strings. It's a affected by a typical format string vulnerability, which can lead to a denial of...

Apple Installer Package 2.1.5 - Filename Format String

Apple Installer Package 2.1.5 - Filename Format String source: https://www.securityfocus.com/bid/22272/info Apple Installer is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a...

Apple Installer Package 2.1.5 - Filename Format String

source: https://www.securityfocus.com/bid/22272/info Apple Installer is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. A successful attack may crash the...