header-logo
Suggest Exploit
vendor:
Mac OS X
by:
Unknown
7.5
CVSS
HIGH
Integer Overflow
Integer Overflow
CWE
Product Name: Mac OS X
Affected Version From: Mac OS X 10.4.8 and FreeBSD 6.1
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: o:apple:mac_os_x:10.4.8
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Remote Integer-Overflow Vulnerability in Apple Mac OS X

The UFS filesystem handler in Apple Mac OS X fails to handle specially crafted DMG images, leading to a remote integer-overflow vulnerability. A successful exploit can allow a remote attacker to execute arbitrary code with kernel-level privileges, resulting in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/21993/info

Apple Mac OS X is prone to a remote integer-overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images.

A successful exploit can allow a remote attacker to execute arbitrary code with kernel-level privileges, leading to the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Mac OS X 10.4.8 and freeBSD 6.1 are vulnerable; other versions may also be affected.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29441.dmg.gz