PT-2010-3073 · Apple · Macos X

Chris Ries

Published

2010-06-17

Updated

2010-06-18

CVE-2010-1376

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Mac OS X version 10.6 before 10.6.4

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service via format string specifiers in a (1) afp, (2) cifs, or (3) smb URL. This can lead to application crashes or potentially more severe consequences.

Recommendations For Mac OS X version 10.6 before 10.6.4, update to version 10.6.4 or later to resolve the issue.

Fix

Use of Externally-Controlled Format String

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-134

Related Identifiers

CVE-2010-1376

Affected Products

Macos X

PT-2010-3073 · Apple · Macos X

CVE-2010-1376

Weakness Enumeration

Related Identifiers

Affected Products

References · 7