CVE-2006-3506 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple MAC OS X Server

2 documents2 sources

Severity

4.6MEDIUMNVD

EPSS

0.3%

top 48.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server Apple Xsan

Timeline

PublishedAug 21

Latest updateMay 1

Description

Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name."

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages3 packages

▶NVDapple/xsan1.0, 1.2, 1.3+2

▶NVDapple/mac_os_x_server10.4.7

▶NVDapple/mac_os_x10.4.7

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-h2vw-47m6-q2x2: Buffer overflow in the Xsan Filesystem driver on Mac OS X 10↗2022-05-01

▶