Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-6261Infinite Loop in Apple MAC OS X

CWE-1893 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.1%
top 64.93%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apple MAC OS X
Timeline
PublishedDec 6
Latest updateMay 1

Description

Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

NVDapple/mac_os_x10.4, 10.5.1+1

🔴Vulnerability Details

1
GHSA
GHSA-mhcr-j4x3-h5xc: Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader2022-05-01

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX xnu 1228.0 - 'mach-o' Local Kernel Denial of Service (PoC)2007-12-04