MacOSX CD9660.Util Probe For Mounting Argument Local Buffer Overflow Vulnerability

The cd9660.util utility has been reported prone to a local buffer overrun vulnerability. Excessive data supplied as an argument for the probe for mounting switch, passed to the cd9660.util utility will overrun the bounds of a reserved buffer in memory. Because memory adjacent to this buffer has been reported to contain saved values that are crucial to controlling execution flow, a local attacker may potentially influence cd9660.util execution flow into attacker-supplied instructions.


Privacy Statement
Copyright 2010, SecurityFocus