{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-14T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1018950", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018950"}, {"name": "26444", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26444"}, {"name": "APPLE-SA-2007-11-14", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=307041"}, {"name": "ADV-2007-3868", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3868"}, {"name": "macosx-networking-appletalk-bo(38473)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38473"}, {"name": "27643", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27643"}, {"name": "TA07-319A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"}, {"name": "20071114 Apple Mac OS X AppleTalk ASP Message Kernel Heap Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=629"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4269", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1018950", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018950"}, {"name": "26444", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26444"}, {"name": "APPLE-SA-2007-11-14", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"}, {"name": "http://docs.info.apple.com/article.html?artnum=307041", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=307041"}, {"name": "ADV-2007-3868", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3868"}, {"name": "macosx-networking-appletalk-bo(38473)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38473"}, {"name": "27643", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27643"}, {"name": "TA07-319A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"}, {"name": "20071114 Apple Mac OS X AppleTalk ASP Message Kernel Heap Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=629"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4269", "datePublished": "2007-11-15T01:00:00", "dateReserved": "2007-08-09T00:00:00", "dateUpdated": "2017-07-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow."}, {"lang": "es", "value": "Un desbordamiento de enteros en el componente Networking en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a usuarios locales ejecutar c\u00f3digo arbitrario por medio de un mensaje de AppleTalk Session Protocol (ASP) dise\u00f1ado en un socket de AppleTalk, que desencadena un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria ."}], "id": "CVE-2007-4269", "lastModified": "2017-07-29T01:32:49.363", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-11-15T01:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=307041"}, {"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=629"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27643"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018950"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26444"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3868"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38473"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}