Описание
The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle.
The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1442
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26407
- http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
- http://secunia.com/advisories/20077
- http://securitytracker.com/id?1016080
- http://www.osvdb.org/25586
- http://www.securityfocus.com/bid/17951
- http://www.us-cert.gov/cas/techalerts/TA06-132A.html
- http://www.vupen.com/english/advisories/2006/1779
EPSS
Процентиль: 73%
0.00772
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle.
EPSS
Процентиль: 73%
0.00772
Низкий