7.2
CVE-2007-0355
- EPSS 6.59%
- Veröffentlicht 19.01.2007 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ Minimal Slp Service Agent Version10.4.11
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.59% | 0.93 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://docs.info.apple.com/article.html?artnum=307430
http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html
http://projects.info-pull.com/moab/MOAB-17-01-2007.html
http://secunia.com/advisories/23796
http://securitytracker.com/id?1017533
http://securitytracker.com/id?1019359
http://www.osvdb.org/32693
http://www.securityfocus.com/bid/22101
http://www.us-cert.gov/cas/techalerts/TA08-043B.html
http://www.vupen.com/english/advisories/2007/0239
https://exchange.xforce.ibmcloud.com/vulnerabilities/31562
https://www.exploit-db.com/exploits/3151