Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1006 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple MAC OS X

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.4%

top 39.60%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedMar 29

Latest updateApr 29

Description

Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDapple/mac_os_x_server13 versions+12

▶NVDapple/mac_os_x23 versions+22

Patches

Patch: docs.info.apple.com ↗Patch: www.securityfocus.com ↗Patch: docs.info.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-v9wh-m39v-qg9h: Buffer overflow in cd9660↗2022-04-29

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow↗2003-12-15

▶