CVE-2007-2399Out-of-bounds Write in Apple MAC OS X

2 documents2 sources
Severity
9.3CRITICALNVD
EPSS
15.6%
top 5.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedJun 25
Latest updateMay 1

Description

WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDapple/mac_os_x10.3.9, 10.4.9+1
NVDapple/mac_os_x_server10.3.9, 10.4.9+1

Patches

Patch: secunia.comPatch: www.securitytracker.comPatch: secunia.com

🔴Vulnerability Details

1
GHSA
GHSA-v73v-2jgh-w8c6: WebKit in Apple Mac OS X 102022-05-01
CVE-2007-2399 — Out-of-bounds Write in Apple MAC OS X | cvebase