CVE-2007-0229

Name of the Vulnerable Software and Affected Versions Mac OS X version 10.4.8 FreeBSD version 6.1

Description The issue is related to an integer overflow in the ffs mountfs function, which can be triggered by a crafted DMG image. This can cause a denial of service (panic) and potentially allow local users to gain privileges due to a heap-based buffer overflow. However, it is noted that in FreeBSD, this issue may not cross privilege boundaries because only root users can mount a filesystem.

Recommendations For Mac OS X version 10.4.8, update to a newer version to mitigate the risk. For FreeBSD version 6.1, restrict root access to mounting filesystems to minimize the risk of exploitation.