[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-6359

Date: (C)2007-12-14   (M)2017-08-08
 
CVSS Score: 4.9Access Vector: LOCAL
Exploitability Subscore: 3.9Access Complexity: LOW
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE











The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.

Reference:
BID-26840
SECUNIA-28048
SECUNIA-30430
ADV-2007-4216
ADV-2008-1697
APPLE-SA-2008-05-28
TA08-150A
http://digit-labs.org/files/exploits/xnu-superblob-dos.c
macosx-csvalidatepage-dos(38997)

CPE    1
cpe:/o:apple:mac_os_x:10.5.1
CWE    1
CWE-189

© 2013 SecPod Technologies