Vulnerability Name: | CVE-2007-6261 (CCN-38854) | ||||||||
Assigned: | 2007-12-04 | ||||||||
Published: | 2007-12-04 | ||||||||
Updated: | 2017-08-08 | ||||||||
Summary: | Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary. | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.2 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:U/RC:UR)
1.8 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:U/RC:UR)
| ||||||||
Vulnerability Type: | CWE-189 | ||||||||
Vulnerability Consequences: | Denial of Service | ||||||||
References: | Source: MITRE Type: CNA CVE-2007-6261 Source: CCN Type: SA27884 Mac OS X Local Denial of Service Vulnerability Source: SECUNIA Type: Vendor Advisory 27884 Source: CCN Type: Apple Mac OS X Web site Apple - Mac OS X Source: MISC Type: Exploit http://www.digit-labs.org/files/exploits/xnu-macho-dos.c Source: CCN Type: OSVDB ID: 40693 Apple Mac OS X xnu Kernel Mach-O Loader (mach_loader.c) load_threadstack Function Local Overflow DoS Source: BID Type: UNKNOWN 26700 Source: CCN Type: BID-26700 Apple Mac OS X Mach_Loader.C Local Denial of Service Vulnerability Source: VUPEN Type: UNKNOWN ADV-2007-4095 Source: XF Type: UNKNOWN macos-loadthreadstack-dos(38854) Source: XF Type: UNKNOWN macos-loadthreadstack-dos(38854) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |