Vulnerability CVE-2006-6353
Published: 2006-12-06   Modified: 2012-02-12

Description:
Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer".

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Apple -> Bomarchivehelper 
Apple -> Mac os x 
Apple -> Mac os x server 

 References:
http://www.securityfocus.com/bid/21446
http://security-protocols.com/2006/12/04/bomarchivehelper-needs-some-lovin/
Copyright 2024, cxsecurity.com

 

Back to Top