CVE-2007-0463
published 2007-01-29

Priority: P4 32
Severity: medium, 5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 17.54% (96.8th percentile)

Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in (1) SWUTMP or (2) SUCATALOG filenames, or using the (3) application/x-apple.sucatalog+xml MIME type.

Affected

1 range
Vendor | Product | Version range | Fixed in
apple | software_update | |