Vulnerability Name: | CVE-2007-0735 (CCN-33781) | ||||||||
Assigned: | 2007-04-17 | ||||||||
Published: | 2007-04-17 | ||||||||
Updated: | 2011-03-08 | ||||||||
Summary: | Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory. | ||||||||
CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2007-0735 Source: CCN Type: Apple Security Update 2007-004 About Security Update 2007-004 Source: CONFIRM Type: UNKNOWN http://docs.info.apple.com/article.html?artnum=305391 Source: CCN Type: Apple Web site Apple security updates Source: APPLE Type: UNKNOWN APPLE-SA-2007-04-19 Source: CCN Type: SA24966 Mac OS X Security Update Fixes Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 24966 Source: CCN Type: SECTRACK ID: 1017942 Mac OS X Bugs Let Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges Source: OSVDB Type: UNKNOWN 34860 Source: CCN Type: OSVDB ID: 34860 Apple Mac OS X Libinfo Crafted Web Page Unspecified Remote Code Execution Source: BID Type: Patch 23569 Source: CCN Type: BID-23569 Apple Mac OS X 2007-004 Multiple Security Vulnerabilities Source: SECTRACK Type: UNKNOWN 1017942 Source: CERT Type: US Government Resource TA07-109A Source: VUPEN Type: UNKNOWN ADV-2007-1470 Source: XF Type: UNKNOWN macos-libinfo-code-execution(33781) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |