Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-3876Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple MAC OS X

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
6.6MEDIUMNVD
EPSS
0.3%
top 49.09%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apple MAC OS X
Timeline
PublishedDec 19
Latest updateMay 1

Description

Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.

CVSS vector

AV:L/AC:L/C:C/I:C/A:NExploitability: 3.9 | Impact: 9.2

Affected Packages1 packages

NVDapple/mac_os_x10.4.11

🔴Vulnerability Details

1
GHSA
GHSA-cphm-8pg6-j542: Stack-based buffer overflow in SMB in Apple Mac OS X 102022-05-01

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX - 'mount_smbfs' Local Stack Buffer Overflow2007-12-19