CVE-2007-6165
Published 2007-11-29
Priority P3 (53) · Severity: critical · CVSS 2.0 base score 9.3 (vector AV:N/AC:M/Au:N/C:C/I:C/A:C)
Exploit: public exploit code available (see the Exploit-DB and Metasploit entries below)
EPSS: 44.75% (98.6th percentile)
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment that pairs an apparently safe file type (for example an image) with a script carried in the resource fork; Mail opens the attachment without warning the user that a separate program is about to be executed. NOTE: this is a regression of CVE-2006-0395, the same AppleDouble/resource-fork issue that was fixed for 10.4 by Security Update 2006-001 and reappeared in the Leopard release.
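The AppleDouble structure the description refers to is a documented format (RFC 1740 for the MIME wrapping, Apple's AppleSingle/AppleDouble spec for the header), so a mail gateway can at least flag the pattern: a multipart/appledouble attachment whose visible part claims a benign type while the application/applefile part carries a non-empty resource fork. The following Python is an added example written for this page, not code from Apple, NVD or the exploit authors. The sample message and the placeholder fork bytes are constructed here, the example.test addresses and file names are assumptions, and the check is a triage heuristic only: Mac clients of the period legitimately sent AppleDouble attachments with resource forks, and the real fix is Apple's patched Mail, which warns before running a separate program.

```python
import struct
from email import message_from_bytes
from email.mime.application import MIMEApplication
from email.mime.image import MIMEImage
from email.mime.multipart import MIMEMultipart

# Header layout (RFC 1740 / Apple AppleSingle-AppleDouble format):
# magic(4) version(4) filler(16) entry_count(2), then entry_count * (id(4) offset(4) length(4)).
APPLEDOUBLE_MAGIC = 0x00051607
APPLESINGLE_MAGIC = 0x00051600
ENTRY_RESOURCE_FORK = 2
ENTRY_FINDER_INFO = 9
# Types a user would not expect to launch a program (assumption: tune for your environment).
BENIGN_PREFIXES = ("image/", "text/", "audio/", "video/")


def parse_appledouble(blob: bytes) -> dict:
    """Parse an AppleDouble/AppleSingle header into {'magic', 'version', 'entries': {id: (offset, length)}}.
    Raises ValueError on bad magic, a truncated table, or an entry pointing outside the blob."""
    if len(blob) < 26:
        raise ValueError("too short for an AppleDouble header")
    magic, version = struct.unpack(">II", blob[:8])
    if magic not in (APPLEDOUBLE_MAGIC, APPLESINGLE_MAGIC):
        raise ValueError("bad magic 0x%08x" % magic)
    (count,) = struct.unpack(">H", blob[24:26])
    entries = {}
    pos = 26
    for _ in range(count):
        if pos + 12 > len(blob):
            raise ValueError("truncated entry table")
        eid, off, length = struct.unpack(">III", blob[pos:pos + 12])
        if off + length > len(blob):
            raise ValueError("entry %d points past end of data" % eid)
        entries[eid] = (off, length)
        pos += 12
    return {"magic": magic, "version": version, "entries": entries}


def build_appledouble(resource_fork: bytes, finder_info: bytes = b"\x00" * 32) -> bytes:
    """Construct a minimal AppleDouble header with Finder info and a resource fork entry.
    Used here only to fabricate the test message; the fork content is an inert placeholder."""
    entries = [(ENTRY_FINDER_INFO, finder_info), (ENTRY_RESOURCE_FORK, resource_fork)]
    offset = 26 + 12 * len(entries)
    header = struct.pack(">II", APPLEDOUBLE_MAGIC, 0x00020000) + b"\x00" * 16
    header += struct.pack(">H", len(entries))
    table, body = b"", b""
    for eid, payload in entries:
        table += struct.pack(">III", eid, offset, len(payload))
        body += payload
        offset += len(payload)
    return header + table + body


def find_risky_appledouble(raw: bytes) -> list:
    """Walk a MIME message and report each multipart/appledouble attachment whose data part
    has a benign-looking type but whose application/applefile part carries a non-empty
    resource fork, plus any attachment whose AppleDouble header does not parse."""
    findings = []
    for part in message_from_bytes(raw).walk():
        if part.get_content_type() != "multipart/appledouble":
            continue
        subparts = part.get_payload()
        if not isinstance(subparts, list):
            continue
        applefile = next((p for p in subparts if p.get_content_type() == "application/applefile"), None)
        data = next((p for p in subparts if p.get_content_type() != "application/applefile"), None)
        if applefile is None or data is None:
            continue
        try:
            hdr = parse_appledouble(applefile.get_payload(decode=True) or b"")
        except ValueError as err:
            findings.append({"filename": data.get_filename(), "data_type": data.get_content_type(),
                             "resource_fork_bytes": None,
                             "reason": "malformed AppleDouble header: %s" % err})
            continue
        rsrc_len = hdr["entries"].get(ENTRY_RESOURCE_FORK, (0, 0))[1]
        if rsrc_len > 0 and data.get_content_type().startswith(BENIGN_PREFIXES):
            findings.append({"filename": data.get_filename(), "data_type": data.get_content_type(),
                             "resource_fork_bytes": rsrc_len,
                             "reason": "benign-looking attachment carries a resource fork"})
    return findings


def sample_message(resource_fork: bytes = b"RSRC-PLACEHOLDER") -> bytes:
    """Constructed sample: a JPEG wrapped in multipart/appledouble the way a Mac mail client
    of the period would send it, with an inert placeholder where a resource fork would sit."""
    outer = MIMEMultipart("mixed")
    outer["From"] = "sender@example.test"
    outer["To"] = "victim@example.test"
    outer["Subject"] = "holiday photo"
    wrapper = MIMEMultipart("appledouble")
    wrapper.attach(MIMEApplication(build_appledouble(resource_fork), "applefile", name="%holiday.jpg"))
    wrapper.attach(MIMEImage(b"\xff\xd8\xff\xe0 constructed jpeg stub", "jpeg", name="holiday.jpg"))
    outer.attach(wrapper)
    return outer.as_bytes()


if __name__ == "__main__":
    for hit in find_risky_appledouble(sample_message()):
        print(hit)
```

Run stand-alone it prints one finding for holiday.jpg; the same message with an empty resource fork produces none. The offset and length checks in parse_appledouble matter on a gateway, since a hostile sender controls the header and a parser that trusts the entry table will read past the end of the part.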
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | 10.5 through 10.5.1 (Leopard); the 10.4 fix from 2006 was not carried into 10.5 | Security Update 2007-009 (Apple article 307179, December 2007) |
No detection rules found.
Exploit-DB: Apple Mail.app - Image Attachment Command Execution (Metasploit) · published 2011-03-05
```ruby
##
# $Id: mailapp_image_exec.rb 10397 2010-09-20 15:59:46Z jduck $
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote

  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'Mail.app Image Attachment Command Execution',
      'Description' => %q{
          This module exploits a command execution vulnerability in the
        Mail.app application shipped with Mac OS X 10.5.0. This flaw was
        patched in 10.4 in March of 2007, but reintroduced into the final
        release of 10.5.
      },
      'License'     => MSF_LICENSE,
      'Author'      => ['hdm', 'kf'],
      'Version'     => '$Revision: 1039
```
The Exploit-DB excerpt ends here; the module's mixins, targets and exploit method are not reproduced on this page.
Exploit-DB: Apple Mac OSX 10.5.x - Mail Arbitrary Code Execution [HIGH] · published 2007-11-20 · CVSS 7.5
source: https://www.securityfocus.com/bid/26510/info
Apple Mac OS X is prone to a vulnerability that can allow arbitrary code to run. This issue affects the Mail application when handling email attachments.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. This will compromise the application and possibly the underlying operating system.
This issue affects Mac OS X 10.5.
NOTE: This vulnerability may be related to CVE-2007-0395 documented in BID 16907 (Apple Mac OS X Security Update 2006-001 Multiple Vulnerabilities). Although the issues seem similar in nature, this may not be the very same underlying vulnerability. We will update this BID as more information emerges.
Metasploit: Mail.app Image Attachment Command Execution
This module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5.
No writeups or analysis indexed.
References
http://docs.info.apple.com/article.html?artnum=307179
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
http://secunia.com/advisories/27785
http://secunia.com/advisories/28136
http://securitytracker.com/id?1019106
http://www.heise-security.co.uk/news/99257
http://www.kb.cert.org/vuls/id/433819
http://www.securityfocus.com/bid/26510
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://www.vupen.com/english/advisories/2007/3958
http://www.vupen.com/english/advisories/2007/4238