7.1
CVE-2008-4224
- EPSS 2.12%
- Veröffentlicht 17.12.2008 01:30:00
- Zuletzt bearbeitet 16.06.2026 22:57:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ macOS X Server Version <= 10.5.5
Apple ≫ macOS X Server Version10.4.11
Apple ≫ macOS X Server Version10.5
Apple ≫ macOS X Server Version10.5.1
Apple ≫ macOS X Server Version10.5.2
Apple ≫ macOS X Server Version10.5.3
Apple ≫ macOS X Server Version10.5.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.12% | 0.795 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html
http://secunia.com/advisories/33179
http://support.apple.com/kb/HT3338
http://www.us-cert.gov/cas/techalerts/TA08-350A.html
http://www.vupen.com/english/advisories/2008/3444
http://www.securityfocus.com/bid/32839
http://www.securityfocus.com/bid/32872
http://www.securitytracker.com/id?1021410