CVE Vulnerabilities

CVE-2007-0229

Published: Jan 13, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes allocation of a negative size buffer leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple 10.4.8 10.4.8
Mac_os_x_server Apple 10.4.8 10.4.8
Freebsd Freebsd 6.1 6.1

References