CVE-2007-4268

Name of the Vulnerable Software and Affected Versions Mac OS X versions 10.4 through 10.4.10

Description The issue is related to an integer signedness error in the Networking component, which allows local users to execute arbitrary code via a crafted AppleTalk message. This message contains a negative value that satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value, triggering a heap-based buffer overflow.

Recommendations For Mac OS X versions 10.4 through 10.4.10, update to a version outside of this range to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.