Vulnerabilities > CVE-2006-6353 - Remote Archive File vulnerability in Apple BOMArchiveHelper

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

apple

NVD

Published: 2006-12-07

Updated: 2008-09-05

Summary

Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer".

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Bomarchivehelper *	1
OS	Apple Apple MAC OS X 10.4.8 Apple MAC OS X Server 10.4.8	2

References

http://security-protocols.com/2006/12/04/bomarchivehelper-needs-some-lovin/
http://www.securityfocus.com/bid/21446