Lucene search

MitreCVE-2006-6353

HistoryDec 07, 2006 - 1:28 a.m.

CVE-2006-6353

2006-12-0701:28:00

mitre

web.nvd.nist.gov

cve-2006-6353

mac os x

bomarchivehelper

denial of service

remote attackers

application crash

isec partners filep fuzzer

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

Low

EPSS

0.003

Percentile

66.3%

JSON

Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the “iSec Partners FileP fuzzer”.

Affected configurations

Nvd

Node

applebomarchivehelper

Node

applemac_os_xMatch10.4.8

applemac_os_x_serverMatch10.4.8

VendorProductVersionCPE
applebomarchivehelper*cpe:2.3:a:apple:bomarchivehelper:*:*:*:*:*:*:*:*
applemac_os_x10.4.8cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
applemac_os_x_server10.4.8cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	bomarchivehelper	*	cpe:2.3:a:apple:bomarchivehelper::::::::
apple	mac_os_x	10.4.8	cpe:2.3:o:apple:mac_os_x:10.4.8:::::::*
apple	mac_os_x_server	10.4.8	cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*

References

security-protocols.com/2006/12/04/bomarchivehelper-needs-some-lovin/

www.securityfocus.com/bid/21446

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

Low

EPSS

0.003

Percentile

66.3%

JSON

Related for CVE-2006-6353