ByteOS Network

Vulnerability Details :

CVE-2008-4224

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-17 Dec, 2008 | 01:00

Updated At-07 Aug, 2024 | 10:08

UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:17 Dec, 2008 | 01:00

Updated At:07 Aug, 2024 | 10:08

▼CVE Numbering Authority (CNA)

UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://www.vupen.com/english/advisories/2008/3444	vdb-entry x_refsource_VUPEN
http://www.securityfocus.com/bid/32872	vdb-entry x_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA08-350A.html	third-party-advisory x_refsource_CERT
http://www.securitytracker.com/id?1021410	vdb-entry x_refsource_SECTRACK
http://secunia.com/advisories/33179	third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/32839	vdb-entry x_refsource_BID
http://support.apple.com/kb/HT3338	x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html	vendor-advisory x_refsource_APPLE

Hyperlink: http://www.vupen.com/english/advisories/2008/3444

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.securityfocus.com/bid/32872

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-350A.html

Resource:

third-party-advisory

x_refsource_CERT

Hyperlink: http://www.securitytracker.com/id?1021410

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://secunia.com/advisories/33179

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.securityfocus.com/bid/32839

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://support.apple.com/kb/HT3338

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html

Resource:

vendor-advisory

x_refsource_APPLE

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://www.vupen.com/english/advisories/2008/3444	vdb-entry x_refsource_VUPEN x_transferred
http://www.securityfocus.com/bid/32872	vdb-entry x_refsource_BID x_transferred
http://www.us-cert.gov/cas/techalerts/TA08-350A.html	third-party-advisory x_refsource_CERT x_transferred
http://www.securitytracker.com/id?1021410	vdb-entry x_refsource_SECTRACK x_transferred
http://secunia.com/advisories/33179	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securityfocus.com/bid/32839	vdb-entry x_refsource_BID x_transferred
http://support.apple.com/kb/HT3338	x_refsource_CONFIRM x_transferred
http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html	vendor-advisory x_refsource_APPLE x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2008/3444

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.securityfocus.com/bid/32872

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-350A.html

Resource:

third-party-advisory

x_refsource_CERT

x_transferred

Hyperlink: http://www.securitytracker.com/id?1021410

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://secunia.com/advisories/33179

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.securityfocus.com/bid/32839

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://support.apple.com/kb/HT3338

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:17 Dec, 2008 | 01:30

Updated At:08 Mar, 2011 | 03:12

UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.1	HIGH	AV:N/AC:M/Au:N/C:N/I:N/A:C

Type: Primary

Version: 2.0

Base score: 7.1

Base severity: HIGH

Vector:

AV:N/AC:M/Au:N/C:N/I:N/A:C

CPE Matches

Apple Inc.

>>mac_os_x>>Versions up to 10.5.5(inclusive)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x>>10.4.11

cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x>>10.5

cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x>>10.5.1

cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x>>10.5.2

cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x>>10.5.3

cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x>>10.5.4

cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x_server>>Versions up to 10.5.5(inclusive)

cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x_server>>10.4.11

cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x_server>>10.5

cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x_server>>10.5.1

cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x_server>>10.5.2

cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x_server>>10.5.3

cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x_server>>10.5.4

cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-20	Primary	nvd@nist.gov

CWE ID: CWE-20

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/33179	cve@mitre.org	Vendor Advisory
http://support.apple.com/kb/HT3338	cve@mitre.org	Vendor Advisory
http://www.securityfocus.com/bid/32839	cve@mitre.org	N/A
http://www.securityfocus.com/bid/32872	cve@mitre.org	N/A
http://www.securitytracker.com/id?1021410	cve@mitre.org	N/A
http://www.us-cert.gov/cas/techalerts/TA08-350A.html	cve@mitre.org	US Government Resource
http://www.vupen.com/english/advisories/2008/3444	cve@mitre.org	N/A

Hyperlink: http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/33179

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://support.apple.com/kb/HT3338

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://www.securityfocus.com/bid/32839

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/32872

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securitytracker.com/id?1021410

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-350A.html

Source: cve@mitre.org

Resource:

US Government Resource

Hyperlink: http://www.vupen.com/english/advisories/2008/3444

Source: cve@mitre.org

Resource: N/A

CVE-2008-4224

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs