CVE-2006-0391

Published Mar 3, 2006

Last updated 7 years ago

Overview

Description: Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 1.7
Impact score: 2.9
Exploitability score: 3.1
Vector string: AV:L/AC:L/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References