Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Apache Software Foundation Qpid 0.11
Apache Software Foundation org.apache.sling.servlets.post 2.3.0
Apache Software Foundation Qpid 0.6
Apache Software Foundation POI 0.10.0
Apache Software Foundation Qpid 0.30
Apache Software Foundation Qpid 0.20
Apache Software Foundation POI 0.1
Apache Software Foundation POI 0.12.0
Apache Software Foundation OpenOffice.org 3.3.0
Apache Software Foundation POI 0.11.0
Apache Software Foundation org.apache.sling.servlets.post 2.1.2
Apache Software Foundation Qpid 0.8
Apache Software Foundation Qpid 0.5
Apache Software Foundation Qpid 0.7
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| TA08-350A | |||
| ADV-2008-3444 | |||
| 1021399 | |||
| 32876 | |||
| 32839 | |||
| http://support.apple.com/kb/HT3338 | |||
| 33179 | |||
| APPLE-SA-2008-12-15 |