PT-2008-3810 · Apple · Carboncore+3
Michal Zalewski
·
Published
2008-08-04
·
Updated
2018-10-11
·
CVE-2008-2320
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Apple Mac OS X versions 10.4.11 through 10.5.4
iPhone OS versions 1.0 through 2.2.1
iPhone OS for iPod touch versions 1.1 through 2.2.1
Description:
A stack-based buffer overflow issue in CarbonCore allows context-dependent attackers to execute arbitrary code or cause a denial of service via a long filename to the file management API.
Recommendations:
For Apple Mac OS X versions 10.4.11 through 10.5.4, update to a version that includes the fix for this issue.
For iPhone OS versions 1.0 through 2.2.1, update to a version that includes the fix for this issue.
For iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version that includes the fix for this issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Carboncore
Macos X
Ios
Iphone Os For Ipod Touch