CVE-2006-6061
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address.
com.apple.AppleDiskImagecontroller en Apple Mac OS X 10.4.8, y posiblemente otras versiones, permite a atacantes remotos ejecutar código de su elección mediante una imagen DMG mal formada que provoca una corrupción de memoria. NOTA: la severidad de este asunto ha sido impugnada por una tercera parte, la cual afirma que el impacto está limitado a una denegación de servicio (error irrecuperable en el núcleo del sistema, kernel panic) debido a una llamada vm_faultcon una dirección no alineada.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-11-21 CVE Reserved
- 2006-11-22 CVE Published
- 2023-11-02 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| http://alastairs-place.net/2006/11/dmg-vulnerability | X_refsource_misc | |
| http://docs.info.apple.com/article.html?artnum=305214 | X_refsource_confirm | |
| http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html | X_refsource_misc | |
| http://secunia.com/advisories/24479 | Third Party Advisory | |
| http://securitytracker.com/id?1017260 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/367424 | Third Party Advisory |
|
| http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding | X_refsource_misc | |
| http://www.osvdb.org/30509 | Vdb Entry | |
| http://www.securitytracker.com/id?1017751 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA07-072A.html | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2006/4629 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/0930 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30440 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://projects.info-pull.com/mokb/MOKB-20-11-2006.html | 2024-08-07 | |
| http://www.securityfocus.com/bid/21201 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | 2017-07-20 | |
| http://secunia.com/advisories/23012 | 2017-07-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | 10.4.8 Search vendor "Apple" for product "Mac Os X" and version "10.4.8" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Mac Os X Server Search vendor "Apple" for product "Mac Os X Server" | 10.4.8 Search vendor "Apple" for product "Mac Os X Server" and version "10.4.8" | - |
Affected
| ||||||