Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0267Freebsd vulnerability

CWE-3993 documents3 sources
Severity
6.6MEDIUMNVD
EPSS
0.7%
top 27.83%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apple MAC OS XFreebsd
Timeline
PublishedJan 17
Latest updateMay 1

Description

The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrupted directory entry (struct direct), related to the ufs_dirbad function. NOTE: a third party states that the FreeBSD issue does not cross privilege boundaries.

CVSS vector

AV:L/AC:L/C:N/I:C/A:CExploitability: 3.9 | Impact: 9.2

Affected Packages1 packages

NVDapple/mac_os_x10.4.8

Also affects: Freebsd 6.1

🔴Vulnerability Details

1
GHSA
GHSA-qw28-24h2-5p6v: The ufs_lookup function in the Mac OS X 102022-05-01

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX 10.4.8 - DMG UFS UFS_LookUp Denial of Service2007-01-13