7.2
CVE-2009-1235
- EPSS 0.98%
- Veröffentlicht 02.04.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:49
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ macOS X Server Version <= 10.5.6
Apple ≫ macOS X Server Version10.0
Apple ≫ macOS X Server Version10.0.0
Apple ≫ macOS X Server Version10.0.1
Apple ≫ macOS X Server Version10.0.2
Apple ≫ macOS X Server Version10.0.3
Apple ≫ macOS X Server Version10.0.4
Apple ≫ macOS X Server Version10.1
Apple ≫ macOS X Server Version10.1.0
Apple ≫ macOS X Server Version10.1.1
Apple ≫ macOS X Server Version10.1.2
Apple ≫ macOS X Server Version10.1.3
Apple ≫ macOS X Server Version10.1.4
Apple ≫ macOS X Server Version10.1.5
Apple ≫ macOS X Server Version10.2
Apple ≫ macOS X Server Version10.2.0
Apple ≫ macOS X Server Version10.2.1
Apple ≫ macOS X Server Version10.2.2
Apple ≫ macOS X Server Version10.2.3
Apple ≫ macOS X Server Version10.2.4
Apple ≫ macOS X Server Version10.2.5
Apple ≫ macOS X Server Version10.2.6
Apple ≫ macOS X Server Version10.2.7
Apple ≫ macOS X Server Version10.2.8
Apple ≫ macOS X Server Version10.3
Apple ≫ macOS X Server Version10.3.0
Apple ≫ macOS X Server Version10.3.1
Apple ≫ macOS X Server Version10.3.2
Apple ≫ macOS X Server Version10.3.3
Apple ≫ macOS X Server Version10.3.4
Apple ≫ macOS X Server Version10.3.5
Apple ≫ macOS X Server Version10.3.6
Apple ≫ macOS X Server Version10.3.7
Apple ≫ macOS X Server Version10.3.8
Apple ≫ macOS X Server Version10.3.9
Apple ≫ macOS X Server Version10.4
Apple ≫ macOS X Server Version10.4.0
Apple ≫ macOS X Server Version10.4.1
Apple ≫ macOS X Server Version10.4.2
Apple ≫ macOS X Server Version10.4.3
Apple ≫ macOS X Server Version10.4.4
Apple ≫ macOS X Server Version10.4.5
Apple ≫ macOS X Server Version10.4.6
Apple ≫ macOS X Server Version10.4.7
Apple ≫ macOS X Server Version10.4.8
Apple ≫ macOS X Server Version10.4.9
Apple ≫ macOS X Server Version10.4.10
Apple ≫ macOS X Server Version10.4.11
Apple ≫ macOS X Server Version10.5
Apple ≫ macOS X Server Version10.5.0
Apple ≫ macOS X Server Version10.5.1
Apple ≫ macOS X Server Version10.5.2
Apple ≫ macOS X Server Version10.5.3
Apple ≫ macOS X Server Version10.5.4
Apple ≫ macOS X Server Version10.5.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.98% | 0.576 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
http://secunia.com/advisories/36096
http://support.apple.com/kb/HT3757
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
http://www.vupen.com/english/advisories/2009/2172
http://secunia.com/advisories/34424
http://www.digit-labs.org/files/exploits/xnu-hfs-fcntl-v2.c
http://www.digit-labs.org/files/exploits/xnu-hfs-fcntl-v2.sh
http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=216401181
http://www.securityfocus.com/bid/34203
http://www.securitytracker.com/id?1022671
http://www.vupen.com/english/advisories/2009/0822
https://www.exploit-db.com/exploits/8266