cbcvebase.
CVE-2007-0464
published 2007-01-30

CVE-2007-0464: The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of…

PriorityP424medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
14.38%
96.2th percentile
The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference.

Affected

1 ranges
VendorProductVersion rangeFixed in
cfnetworkcfnetwork

Detection & IOCsextracted from sources · hover to see the quote

versionCFNetwork 129.19
  • Monitor for application crashes (NULL pointer dereference) in processes using CFNetwork 129.19 on Mac OS X 10.4–10.4.10 following receipt of an HTTP 301 redirect response.
  • ·The vulnerability is specific to CFNetwork version 129.19 on Apple Mac OS X 10.4 through 10.4.10; detection rules targeting this CVE should be scoped to that platform and library version to avoid false positives on patched or unaffected systems.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.