Published: 14/03/2006 Updated: 19/10/2018

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote malicious users to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.4.4
apple mac os x 10.4.5
apple mac os x 10.4.2
apple mac os x 10.4.3
apple mac os x server 10.4.4
apple mac os x server 10.4.5
apple mac os x server 10.4
apple mac os x server 10.4.1
apple mac os x 10.4
apple mac os x 10.4.1
apple mac os x server 10.4.2
apple mac os x server 10.4.3

#!/usr/bin/perl # # Code by Kevin Finisterre kf_lists[at]digitalmunition[dot]com # wwwdigitalmunitioncom # # Mailapp Version 207 (7462) on OSX 1045 Build 8H14 + Security Update 2006-001 (PowerPC) v10 # # RFC-1740 MIME-based Mac file buffer overflow # # AppleSingle file header: # [4 byte magic number][4 byte version number][16 byte ...

NVD-CWE-Other http://lists.apple.com/archives/security-announce/2006/Mar/msg00001.html http://docs.info.apple.com/article.html?artnum=303453 http://www.securityfocus.com/bid/17081 http://secunia.com/advisories/19129 http://www.digitalmunition.com/DMA%5B2006-0313a%5D.txt http://securitytracker.com/id?1015762 http://www.kb.cert.org/vuls/id/980084 http://www.osvdb.org/23872 http://www.vupen.com/english/advisories/2006/0949 https://exchange.xforce.ibmcloud.com/vulnerabilities/25209 http://www.securityfocus.com/archive/1/427601/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1583/https://www.kb.cert.org/vuls/id/980084

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-0396

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect