| Vulnerability Name: | CVE-2006-6062 (CCN-30463) | ||||||||
| Assigned: | 2006-11-21 | ||||||||
| Published: | 2006-11-21 | ||||||||
| Updated: | 2017-07-20 | ||||||||
| Summary: | Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. Exploitation attempts may result in a denial-of-service condition. | ||||||||
| CVSS v3 Severity: | 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
| CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P) 4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
6.1 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6062 Source: CCN Type: Mac OS X 10.4.9 and Security Update 2007-003 About the security content of Mac OS X 10.4.9 and Security Update 2007-003 Source: CONFIRM Type: UNKNOWN http://docs.info.apple.com/article.html?artnum=305214 Source: APPLE Type: UNKNOWN APPLE-SA-2007-03-13 Source: CCN Type: MOKB-21-11-2006 Mac OS X Apple UDTO HFS+ Disk Image Denial of Service (1) Source: MISC Type: Exploit, Vendor Advisory http://projects.info-pull.com/mokb/MOKB-21-11-2006.html Source: CCN Type: SA23012 Apple Mac OS X UDIF Denial of Service Source: SECUNIA Type: Vendor Advisory 23012 Source: CCN Type: SA23062 Apple Mac OS X UDTO HFS+ Denial of Service Vulnerability Source: SECUNIA Type: UNKNOWN 23062 Source: CCN Type: SA24479 Mac OS X Security Update Fixes Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 24479 Source: CCN Type: SECTRACK ID: 1017260 Mac OS X DMG Image Validation Error May Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1017260 Source: CCN Type: SECTRACK ID: 1017751 Mac OS X Lets Remote Users Execute Arbitrary Code and Local Users Obtain Elevated Privileges and Deny Service Source: CCN Type: Apple Mac OS X Web site Apple - Mac OS X Source: CCN Type: US-CERT VU#214040 Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures Source: OSVDB Type: UNKNOWN 30510 Source: CCN Type: OSVDB ID: 30510 Apple Mac OS X UDTO HFS+ Image Handling DoS Source: BID Type: Exploit 21201 Source: CCN Type: BID-21201 Apple Mac OS X UDIF Disk Image Remote Denial Of Service Vulnerability Source: BID Type: UNKNOWN 21236 Source: CCN Type: BID-21236 Apple Mac OS X UDTO Disk Image Remote Denial of Service Vulnerability Source: SECTRACK Type: UNKNOWN 1017751 Source: CERT Type: US Government Resource TA07-072A Source: VUPEN Type: UNKNOWN ADV-2006-4629 Source: VUPEN Type: UNKNOWN ADV-2006-4653 Source: VUPEN Type: UNKNOWN ADV-2007-0930 Source: XF Type: UNKNOWN macosx-dmg-code-execution(30440) Source: XF Type: UNKNOWN macosx-udtohfs-dos(30463) Source: XF Type: UNKNOWN macosx-udtohfs-dos(30463) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||