CVE-2007-0229

2007-01-13 03:28:00 2017-07-29 03:30:03

Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

Vector

LOCAL

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

FreeBSD 6.1 Apple Mac OS X Server 10.4.8 Apple Mac OS X 10.4.8

Freebsd - Freebsd Apple - Mac os x server Apple - Mac os x

Advisory	Patch	Confirmed	Link
			macos-ffsmountfs-bo(31409)
			ADV-2007-0930
			ADV-2007-0141
			TA07-072A
			1017751
			21993
			http://projects.info-pull.com/moab/MOAB-10-01-2007.html
			[freebsd-security] 20070114 MOAB advisories
			APPLE-SA-2007-03-13
			http://docs.info.apple.com/article.html?artnum=305214
			http://applefun.blogspot.com/2007/01/moab-10-01-2007-app...

Numeric Errors (ID 189)

Related CVE(s) 1 CVE-2006-5679 CVSS 4.6