Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3500

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-3500
Last Modified 07 Mar 2011 09:38:45
Published 02 Aug 2006 09:04:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-3500

Summary

The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.4.7

  • Apple Mac Os X Server 10.4.7


References

CERT - TA06-214A

XF - macosx-dyld-privilege-escalation(28141)

VUPEN - ADV-2006-3101

BID - 19289

OSVDB - 27738

SECUNIA - 21253

APPLE - APPLE-SA-2006-08-01

Related Patches

Apple 2006-08-01 Security Update 2006-004 Mac OS X 10.4.7 Client (PPC)

Apple 2006-08-01 Security Update 2006-004 Mac OS X 10.4.7 Client (Intel)


Last Updated: 27 May 2016 10:43:02