Vulnerability Details CVE-2005-0716
Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.2%
CVSS Severity
CVSS v2 Score 7.2
References
- http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
- http://www.idefense.com/application/poi/display?id=219&type=vulnerabilities
- http://www.securityfocus.com/bid/13224
- http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
- http://www.idefense.com/application/poi/display?id=219&type=vulnerabilities
- http://www.securityfocus.com/bid/13224
Products affected by CVE-2005-0716
-
cpe:2.3:o:apple:mac_os_x:10.3
-
cpe:2.3:o:apple:mac_os_x:10.3.1
-
cpe:2.3:o:apple:mac_os_x:10.3.2
-
cpe:2.3:o:apple:mac_os_x:10.3.3
-
cpe:2.3:o:apple:mac_os_x:10.3.4
-
cpe:2.3:o:apple:mac_os_x:10.3.5
-
cpe:2.3:o:apple:mac_os_x:10.3.6
-
cpe:2.3:o:apple:mac_os_x:10.3.7
-
cpe:2.3:o:apple:mac_os_x:10.3.8
-
cpe:2.3:o:apple:mac_os_x_server:10.3
-
cpe:2.3:o:apple:mac_os_x_server:10.3.1
-
cpe:2.3:o:apple:mac_os_x_server:10.3.2
-
cpe:2.3:o:apple:mac_os_x_server:10.3.3
-
cpe:2.3:o:apple:mac_os_x_server:10.3.4
-
cpe:2.3:o:apple:mac_os_x_server:10.3.5
-
cpe:2.3:o:apple:mac_os_x_server:10.3.6