Integer Overflow in Mac OS X and FreeBSD Allowing Denial of Service
CVE-2007-0229
Currently unrated
Key Information:
- Vendor: FreeBSD
- CVE Published: 13 January 2007
What is CVE-2007-0229?
An integer overflow vulnerability exists in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1. A local user can create a crafted DMG image that, when mounted, leads to a denial of service by triggering a system panic. The crafted image causes the allocation of a buffer with a negative size, which can ultimately lead to a heap-based buffer overflow. Some reports indicate that this vulnerability does not cross privilege boundaries in FreeBSD, since only the root user can mount a filesystem, but it remains a significant issue for those using affected versions of Mac OS X.