Описание
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Patch
- US Government Resource
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Patch
- US Government Resource
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00846
Низкий
7.5 High
CVSS2
Дефекты
CWE-134
Связанные уязвимости
github
почти 4 года назад
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name.
EPSS
Процентиль: 74%
0.00846
Низкий
7.5 High
CVSS2
Дефекты
CWE-134