CVE-2006-3500

The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
http://secunia.com/advisories/21253
http://www.osvdb.org/27738
http://www.securityfocus.com/bid/19289
http://www.us-cert.gov/cas/techalerts/TA06-214A.html	US Government Resource
http://www.vupen.com/english/advisories/2006/3101
https://exchange.xforce.ibmcloud.com/vulnerabilities/28141

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.7:::::::*

Information

Published : 2006-08-02 18:04

Updated : 2017-07-19 18:32

NVD link : CVE-2006-3500

Mitre link : CVE-2006-3500

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

apple

mac_os_x
mac_os_x_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html", "name": "APPLE-SA-2006-08-01", "tags": [], "refsource": "APPLE"}, {"url": "http://secunia.com/advisories/21253", "name": "21253", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.osvdb.org/27738", "name": "27738", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.securityfocus.com/bid/19289", "name": "19289", "tags": [], "refsource": "BID"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA06-214A.html", "name": "TA06-214A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://www.vupen.com/english/advisories/2006/3101", "name": "ADV-2006-3101", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28141", "name": "macosx-dyld-privilege-escalation(28141)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an \"improperly handled condition\" that leads to use of \"dangerous paths,\" probably related to an untrusted search path vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-3500", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-08-03T01:04Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-20T01:32Z"}