[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98503

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-0236

Date: (C)2007-01-16   (M)2017-10-11 


Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow.

CVSS Score: 10.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1017513
SECTRACK-1017751
BID-22041
SECUNIA-23708
SECUNIA-24479
EXPLOIT-DB-3130
OSVDB-32687
ADV-2007-0191
ADV-2007-0930
APPLE-SA-2007-03-13
TA07-072A
http://docs.info.apple.com/article.html?artnum=305214
http://projects.info-pull.com/moab/MOAB-14-01-2007.html

CPE    1
cpe:/o:apple:mac_os_x:10.4.8
CWE    1
CWE-119

© 2013 SecPod Technologies