CVE-2007-0465

Currently unrated

Key Information:

Vendor: Apple
Status: Installer
Vendor: CVE Published:; 31 January 2007

Summary

Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/31883

vdb-entryx_refsource_XF

http://secunia.com/advisories/24966

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/22272

vdb-entryx_refsource_BID

EPSS Score

70% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 31, 2007
Vulnerability Reserved
Jan 23, 2007