Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.4.8 |
||
apple mac os x server 10.4.8 |
||
freebsd freebsd 6.1 |