PT-2009-4194 · Apple · Terminal+1
Rob King
·
Publicado
2009-06-05
·
Atualizado
2018-10-10
·
CVE-2009-1717
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Apple Mac OS X versions prior to 10.5.7
Description:
The issue is related to an integer overflow in Terminal, allowing remote attackers to execute arbitrary code or cause a denial of service due to memory corruption and application crash. This is achieved by sending a crafted size value in a CSI[4 xterm resize escape sequence, which triggers a heap-based buffer overflow.
Recommendations:
For Apple Mac OS X versions prior to 10.5.7, update to version 10.5.7 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Macos X
Terminal