Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0229 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Freebsd

3 documents3 sources
Severity
7.2HIGHNVD
EPSS
3.0%
top 13.45%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Apple MAC OS XApple MAC OS X ServerFreebsd
Timeline
PublishedJan 13
Latest updateMay 1

Description

Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

â–¶NVDapple/mac_os_x10.4.8
â–¶NVDapple/mac_os_x_server10.4.8

Also affects: Freebsd 6.1

🔴Vulnerability Details

1
GHSA
GHSA-7qvp-8qp3-pcfv: Integer overflow in the ffs_mountfs function in Mac OS X 10↗2022-05-01
â–¶

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow↗2007-01-10
â–¶
CVE-2007-0229 — Freebsd vulnerability | cvebase