CVE Vulnerabilities

CVE-2008-4217

Published: Dec 17, 2008 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple * 10.5.5 (including)
Mac_os_x Apple 10.4.11 (including) 10.4.11 (including)
Mac_os_x Apple 10.5 (including) 10.5 (including)
Mac_os_x Apple 10.5.1 (including) 10.5.1 (including)
Mac_os_x Apple 10.5.2 (including) 10.5.2 (including)
Mac_os_x Apple 10.5.3 (including) 10.5.3 (including)
Mac_os_x Apple 10.5.4 (including) 10.5.4 (including)
Mac_os_x_server Apple * 10.5.5 (including)
Mac_os_x_server Apple 10.4.11 (including) 10.4.11 (including)
Mac_os_x_server Apple 10.5 (including) 10.5 (including)
Mac_os_x_server Apple 10.5.1 (including) 10.5.1 (including)
Mac_os_x_server Apple 10.5.2 (including) 10.5.2 (including)
Mac_os_x_server Apple 10.5.3 (including) 10.5.3 (including)
Mac_os_x_server Apple 10.5.4 (including) 10.5.4 (including)

References