6.8

CVE-2007-4682

CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS X Version >= 10.4 <= 10.4.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.21% 0.865
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-824 Access of Uninitialized Pointer

The product accesses or uses a pointer that has not been initialized.

http://docs.info.apple.com/article.html?artnum=307041
Broken Link
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
Patch
Mailing List
http://secunia.com/advisories/27643
Vendor Advisory
Broken Link
http://www.securityfocus.com/bid/26444
Third Party Advisory
Broken Link
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA07-319A.html
Third Party Advisory
US Government Resource
Broken Link
http://www.vupen.com/english/advisories/2007/3868
Broken Link
http://securitytracker.com/id?1018950
Third Party Advisory
Broken Link
VDB Entry
http://www.kb.cert.org/vuls/id/498105
Third Party Advisory
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/38465
VDB Entry