FKIE_CVE-2007-0299

Vulnerability from fkie_nvd - Published: 2007-01-17 11:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference.
References
cve@mitre.orghttp://docs.info.apple.com/article.html?artnum=305214
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
cve@mitre.orghttp://projects.info-pull.com/moab/MOAB-11-01-2007.htmlVendor Advisory
cve@mitre.orghttp://secunia.com/advisories/23725Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/24479Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/515792US Government Resource
cve@mitre.orghttp://www.osvdb.org/31653
cve@mitre.orghttp://www.securitytracker.com/id?1017751
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA07-072A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0930
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=305214
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://projects.info-pull.com/moab/MOAB-11-01-2007.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23725Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24479Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/515792US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/31653
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017751
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0930
Impacted products
Vendor Product Version
apple mac_os_x 10.4.8
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n byte_swap_sbin de bsd/ufs/ufs/ufs_byte_order.c en Mac OS X 10.4.8 permite a atacantes remotos con la complicidad del usuario provocar una denegaci\u00f3n de servicio (kernel panic) montando una imagen DMG artesanal del sistema de ficheros Unix (UFS), lo cual provoca una referencia de puntero inv\u00e1lida."
    }
  ],
  "id": "CVE-2007-0299",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-01-17T11:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23725"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/515792"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/31653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017751"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://projects.info-pull.com/moab/MOAB-11-01-2007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/515792"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/31653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.