cbcvebase.
CVE-2010-0105
published 2010-04-27

CVE-2010-0105: The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested…

PriorityP417medium4.9CVSS 2.0
AVLACLAuNCNINAC
EXPLOIT
EPSS
0.84%
53.2th percentile
The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application that calls the mkdir and link functions, related to the fsck_hfs program in the diskdev_cmds component.

Affected

14 ranges
VendorProductVersion rangeFixed in
applemac_os_x
applemac_os_x
applemac_os_x
applemac_os_x
applemac_os_x
applemac_os_x
applemac_os_x
msrcmicrosoft_office_2010_service_pack_2
msrcmicrosoft_office_compatibility_pack_service_pack_3
msrcmicrosoft_office_web_apps_server_2010_service_pack_2
msrcmicrosoft_word_2007_service_pack_3
msrcmicrosoft_word_2010_service_pack_2
msrcmicrosoft_word_for_mac_2011
msrcword_automation_services_on_microsoft_sharepoint_server_2010_service_pack_2

CVSS provenance

nvdv2.04.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
vendor_redhat6.5MEDIUM
vendor_msrc5.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.