Published: 11/01/2007 Updated: 16/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote malicious users to cause a denial of service and possibly execute arbitrary code via a long volume name in a DMG disk image, which results in memory corruption.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.4.8
apple mac os x 10.4.6

#!/usr/bin/ruby # (c) 2006 LMH <lmh [at] infopullcom> # require 'fileutils' require 'zlib' hdiutil = "/usr/bin/hdiutil" dmgname = (ARGV[0] || "MOAB-09-01-2007dmg") dmgsize = (ARGV[1] || "200k") filesys = (ARGV[2] || "UFS") volname = "" 255times do volname << (i = Kernelrand(62); i += ((i < 10) ? 48 : ((i < 36) ? 55 : 61 ...

CWE-119 CWE-20 CWE-399 http://projects.info-pull.com/moab/MOAB-09-01-2007.html http://www.digitalmunition.com/DMA%5B2007-0109a%5D.txt http://www.securityfocus.com/bid/21980 http://docs.info.apple.com/article.html?artnum=305102 http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html http://www.us-cert.gov/cas/techalerts/TA07-047A.html http://www.kb.cert.org/vuls/id/240880 http://www.securitytracker.com/id?1017662 http://secunia.com/advisories/24198 http://www.osvdb.org/32714 http://www.vupen.com/english/advisories/2007/0140 https://exchange.xforce.ibmcloud.com/vulnerabilities/31410 http://www.securityfocus.com/archive/1/456578/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/3110/https://www.kb.cert.org/vuls/id/240880

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0197

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect