var-200701-0014
Vulnerability from variot
Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem. Apple's UserNotificationCenter contains a vulnerability that may allow local users to gain elevated privileges. Apple Mac OS X Finder fails to properly handle DMG files with large volume names, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. A vulnerability in the way Apple iChat handles specially crafted TXT key hashes could lead to denial of service. Mac OS X of ffs_mountfs The function contains an integer overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. Failed exploit attempts will result in a denial-of-service condition. If an attacker can trick users into loading a malicious UFS DMG image, heap overflow will be triggered, resulting in arbitrary code execution.
Secunia is proud to announce the availability of the Secunia Software Inspector.
The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.
Try it out online: http://secunia.com/software_inspector/
TITLE: Mac OS X Security Update Fixes Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA24198
VERIFY ADVISORY: http://secunia.com/advisories/24198/
CRITICAL: Highly critical
IMPACT: Privilege escalation, DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
1) A boundary error exists in Finder, which can be exploited by malicious people to cause a buffer overflow by tricking a user to mount a malicious disk image.
2) A null-pointer dereference error in iChat Bonjour can be exploited by malicious people to cause the application to crash.
3) A format string error in the handling of AIM URLs in iChat can be exploited by malicious people to possibly execute arbitrary code.
Successful exploitation requires that a user is tricked into accessing a specially crafted AIM URL.
For more information: SA23846
SOLUTION: Apply Security Update 2007-002:
Security Update 2007-002 (10.4.8 Universal): http://www.apple.com/support/downloads/securityupdate2007002universal.html
Security Update 2007-002 (10.4.8 PPC): http://www.apple.com/support/downloads/securityupdate2007002ppc.html
Security Update 2007-002 (10.3.9 Panther): http://www.apple.com/support/downloads/securityupdate2007002panther.html
PROVIDED AND/OR DISCOVERED BY: 1) Kevin Finisterre, DigitalMunition 3) LMH
ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=305102
OTHER REFERENCES: MOAB: 1) http://projects.info-pull.com/moab/MOAB-09-01-2007.html 3) http://projects.info-pull.com/moab/MOAB-20-01-2007.html
SA23846: http://secunia.com/advisories/23846/
SA23945: http://secunia.com/advisories/23945/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0014",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 2.4,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.8,
"vendor": "freebsd",
"version": "5.3 6.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#315856"
},
{
"db": "CERT/CC",
"id": "VU#515792"
},
{
"db": "CERT/CC",
"id": "VU#240880"
},
{
"db": "CERT/CC",
"id": "VU#794752"
},
{
"db": "CERT/CC",
"id": "VU#836024"
},
{
"db": "BID",
"id": "21993"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
},
{
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:freebsd:freebsd",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LMH lmh@info-pull.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0229",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2007-0229",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-23591",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-0229",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#315856",
"trust": 0.8,
"value": "1.49"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#515792",
"trust": 0.8,
"value": "7.01"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#240880",
"trust": 0.8,
"value": "10.29"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#794752",
"trust": 0.8,
"value": "11.85"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#836024",
"trust": 0.8,
"value": "2.48"
},
{
"author": "NVD",
"id": "CVE-2007-0229",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-151",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-23591",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#315856"
},
{
"db": "CERT/CC",
"id": "VU#515792"
},
{
"db": "CERT/CC",
"id": "VU#240880"
},
{
"db": "CERT/CC",
"id": "VU#794752"
},
{
"db": "CERT/CC",
"id": "VU#836024"
},
{
"db": "VULHUB",
"id": "VHN-23591"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
},
{
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes \"allocation of a negative size buffer\" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem. Apple\u0027s UserNotificationCenter contains a vulnerability that may allow local users to gain elevated privileges. Apple Mac OS X Finder fails to properly handle DMG files with large volume names, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. A vulnerability in the way Apple iChat handles specially crafted TXT key hashes could lead to denial of service. Mac OS X of ffs_mountfs The function contains an integer overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. Failed exploit attempts will result in a denial-of-service condition. If an attacker can trick users into loading a malicious UFS DMG image, heap overflow will be triggered, resulting in arbitrary code execution. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. \n\nTry it out online:\nhttp://secunia.com/software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nMac OS X Security Update Fixes Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA24198\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24198/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nPrivilege escalation, DoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) A boundary error exists in Finder, which can be exploited by\nmalicious people to cause a buffer overflow by tricking a user to\nmount a malicious disk image. \n\n2) A null-pointer dereference error in iChat Bonjour can be exploited\nby malicious people to cause the application to crash. \n\n3) A format string error in the handling of AIM URLs in iChat can be\nexploited by malicious people to possibly execute arbitrary code. \n\nSuccessful exploitation requires that a user is tricked into\naccessing a specially crafted AIM URL. \n\nFor more information:\nSA23846\n\nSOLUTION:\nApply Security Update 2007-002:\n\nSecurity Update 2007-002 (10.4.8 Universal):\nhttp://www.apple.com/support/downloads/securityupdate2007002universal.html\n\nSecurity Update 2007-002 (10.4.8 PPC):\nhttp://www.apple.com/support/downloads/securityupdate2007002ppc.html\n\nSecurity Update 2007-002 (10.3.9 Panther):\nhttp://www.apple.com/support/downloads/securityupdate2007002panther.html\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Kevin Finisterre, DigitalMunition\n3) LMH\n\nORIGINAL ADVISORY:\nApple:\nhttp://docs.info.apple.com/article.html?artnum=305102\n\nOTHER REFERENCES:\nMOAB:\n1) http://projects.info-pull.com/moab/MOAB-09-01-2007.html\n3) http://projects.info-pull.com/moab/MOAB-20-01-2007.html\n\nSA23846:\nhttp://secunia.com/advisories/23846/\n\nSA23945:\nhttp://secunia.com/advisories/23945/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0229"
},
{
"db": "CERT/CC",
"id": "VU#315856"
},
{
"db": "CERT/CC",
"id": "VU#515792"
},
{
"db": "CERT/CC",
"id": "VU#240880"
},
{
"db": "CERT/CC",
"id": "VU#794752"
},
{
"db": "CERT/CC",
"id": "VU#836024"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"db": "BID",
"id": "21993"
},
{
"db": "VULHUB",
"id": "VHN-23591"
},
{
"db": "PACKETSTORM",
"id": "54480"
}
],
"trust": 5.67
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23591",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23591"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "24198",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2007-0229",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "24479",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA07-072A",
"trust": 2.5
},
{
"db": "BID",
"id": "21993",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "32684",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0930",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0141",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "23703",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1017751",
"trust": 1.7
},
{
"db": "BID",
"id": "21980",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#515792",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1017661",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23846",
"trust": 0.8
},
{
"db": "BID",
"id": "22188",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#315856",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23725",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017662",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#240880",
"trust": 0.8
},
{
"db": "BID",
"id": "22146",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#794752",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23945",
"trust": 0.8
},
{
"db": "BID",
"id": "22304",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#836024",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-151",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2007-03-13",
"trust": 0.6
},
{
"db": "XF",
"id": "31409",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[FREEBSD-SECURITY] 20070114 MOAB ADVISORIES",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA07-072A",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "29441",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-82947",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23591",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54480",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#315856"
},
{
"db": "CERT/CC",
"id": "VU#515792"
},
{
"db": "CERT/CC",
"id": "VU#240880"
},
{
"db": "CERT/CC",
"id": "VU#794752"
},
{
"db": "CERT/CC",
"id": "VU#836024"
},
{
"db": "VULHUB",
"id": "VHN-23591"
},
{
"db": "BID",
"id": "21993"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"db": "PACKETSTORM",
"id": "54480"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
},
{
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"id": "VAR-200701-0014",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23591"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T21:44:12.295000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2007-03-13",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"title": "MOAB advisories",
"trust": 0.8,
"url": "http://lists.freebsd.org/pipermail/freebsd-security/2007-January/004218.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23591"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://docs.info.apple.com/article.html?artnum=305102"
},
{
"trust": 3.3,
"url": "http://secunia.com/advisories/24198/"
},
{
"trust": 2.5,
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-072a.html"
},
{
"trust": 2.0,
"url": "http://applefun.blogspot.com/2007/01/moab-10-01-2007-apple-dmg-ufs.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2007/mar/msg00002.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21993"
},
{
"trust": 1.7,
"url": "http://projects.info-pull.com/moab/moab-10-01-2007.html"
},
{
"trust": 1.7,
"url": "http://lists.freebsd.org/pipermail/freebsd-security/2007-january/004218.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/32684"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017751"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/23703"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24479"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/21980"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/alerts/2007/feb/1017661.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0141"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31409"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/23846/"
},
{
"trust": 0.9,
"url": "http://projects.info-pull.com/moab/moab-09-01-2007.html"
},
{
"trust": 0.9,
"url": "http://projects.info-pull.com/moab/moab-20-01-2007.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/23945/"
},
{
"trust": 0.8,
"url": "http://developer.apple.com/documentation/corefoundation/reference/cfusernotificationref/reference/reference.html"
},
{
"trust": 0.8,
"url": "http://projects.info-pull.com/moab/moab-22-01-2007.html"
},
{
"trust": 0.8,
"url": "http://www.cocoadev.com/index.pl?inputmanager"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/22188"
},
{
"trust": 0.8,
"url": "http://projects.info-pull.com/moab/moab-11-01-2007.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23725/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/24479/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2007/feb/1017662.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/22146"
},
{
"trust": 0.8,
"url": "http://projects.info-pull.com/moab/moab-29-01-2007.html"
},
{
"trust": 0.8,
"url": "http://www.apple.com/macosx/features/ichat/"
},
{
"trust": 0.8,
"url": "http://developer.apple.com/networking/bonjour/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/22304"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0229"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0229"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/515792"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/31409"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0141"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0930"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/software_inspector/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate2007002panther.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate2007002ppc.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate2007002universal.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#315856"
},
{
"db": "CERT/CC",
"id": "VU#515792"
},
{
"db": "CERT/CC",
"id": "VU#240880"
},
{
"db": "CERT/CC",
"id": "VU#794752"
},
{
"db": "CERT/CC",
"id": "VU#836024"
},
{
"db": "VULHUB",
"id": "VHN-23591"
},
{
"db": "BID",
"id": "21993"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"db": "PACKETSTORM",
"id": "54480"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
},
{
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#315856"
},
{
"db": "CERT/CC",
"id": "VU#515792"
},
{
"db": "CERT/CC",
"id": "VU#240880"
},
{
"db": "CERT/CC",
"id": "VU#794752"
},
{
"db": "CERT/CC",
"id": "VU#836024"
},
{
"db": "VULHUB",
"id": "VHN-23591"
},
{
"db": "BID",
"id": "21993"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"db": "PACKETSTORM",
"id": "54480"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
},
{
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-19T00:00:00",
"db": "CERT/CC",
"id": "VU#315856"
},
{
"date": "2007-03-15T00:00:00",
"db": "CERT/CC",
"id": "VU#515792"
},
{
"date": "2007-02-16T00:00:00",
"db": "CERT/CC",
"id": "VU#240880"
},
{
"date": "2007-02-16T00:00:00",
"db": "CERT/CC",
"id": "VU#794752"
},
{
"date": "2007-02-26T00:00:00",
"db": "CERT/CC",
"id": "VU#836024"
},
{
"date": "2007-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-23591"
},
{
"date": "2007-01-10T00:00:00",
"db": "BID",
"id": "21993"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"date": "2007-02-17T04:12:18",
"db": "PACKETSTORM",
"id": "54480"
},
{
"date": "2007-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-151"
},
{
"date": "2007-01-13T02:28:00",
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-19T00:00:00",
"db": "CERT/CC",
"id": "VU#315856"
},
{
"date": "2007-03-15T00:00:00",
"db": "CERT/CC",
"id": "VU#515792"
},
{
"date": "2007-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#240880"
},
{
"date": "2007-03-05T00:00:00",
"db": "CERT/CC",
"id": "VU#794752"
},
{
"date": "2007-03-16T00:00:00",
"db": "CERT/CC",
"id": "VU#836024"
},
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-23591"
},
{
"date": "2007-03-14T14:54:00",
"db": "BID",
"id": "21993"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001380"
},
{
"date": "2007-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-151"
},
{
"date": "2017-07-29T01:30:03.717000",
"db": "NVD",
"id": "CVE-2007-0229"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X UserNotificationCenter privilege escalation vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#315856"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-151"
}
],
"trust": 0.6
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.