CVE-2007-0463 in Mac OS Xinfo

Summary

Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in (1) SWUTMP or (2) SUCATALOG filenames, or using the (3) application/x-apple.sucatalog+xml MIME type.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

01/23/2007

Disclosure

01/29/2007

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119

Exploit

Download

CVSS

5.3

EPSS

0.35536

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0463
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0463
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0463/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!