7.1

CVE-2008-4224

UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS X Version <= 10.5.5
ApplemacOS X Version10.4.11
ApplemacOS X Version10.5
ApplemacOS X Version10.5.1
ApplemacOS X Version10.5.2
ApplemacOS X Version10.5.3
ApplemacOS X Version10.5.4
ApplemacOS X Server Version <= 10.5.5
ApplemacOS X Server Version10.4.11
ApplemacOS X Server Version10.5
ApplemacOS X Server Version10.5.1
ApplemacOS X Server Version10.5.2
ApplemacOS X Server Version10.5.3
ApplemacOS X Server Version10.5.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.12% 0.795
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html
Vendor Advisory
http://secunia.com/advisories/33179
Vendor Advisory
http://support.apple.com/kb/HT3338
Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA08-350A.html
US Government Resource
http://www.vupen.com/english/advisories/2008/3444
http://www.securityfocus.com/bid/32839
http://www.securityfocus.com/bid/32872
http://www.securitytracker.com/id?1021410