ID

VAR-200506-0052


CVE

CVE-2005-1933


TITLE

Apple Mac OSX executes arbitrary widget with same "bundle identifier" as system widget

Trust: 0.8

sources: CERT/CC: VU#983429

DESCRIPTION

Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. This can allow a user-installed widget to override a system-installed one. Mac OS X is prone to a remote security vulnerability.

TITLE: Apple Mac OS X Two Vulnerabilities
SECUNIA ADVISORY ID: SA16047
VERIFY ADVISORY: http://secunia.com/advisories/16047/
CRITICAL: Moderately critical
IMPACT: Manipulation of data, DoS
WHERE: From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: Two vulnerabilities have been reported in Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service) or replace system widgets on a user's system.
1) A NULL pointer dereference error in the TCP/IP implementation can be exploited to crash the kernel via a specially crafted TCP/IP packet.
2) An error in the Dashboard can be exploited to install widgets with the same internal identifier (CFBundleIdentifier) as an Apple-supplied widget, thereby replacing it.
SOLUTION: Apply patches.
Koh. 2) mithras.the.prophet
ORIGINAL ADVISORY:
Apple: http://docs.info.apple.com/article.html?artnum=301948
mithras.the.prophet: http://www1.cs.columbia.edu/~aaron/files/widgets/
OTHER REFERENCES: US-CERT VU#983429: http://www.kb.cert.org/vuls/id/983429

Trust: 2.07

sources: NVD: CVE-2005-1933 // CERT/CC: VU#983429 // BID: 89877 // VULHUB: VHN-13142 // PACKETSTORM: 38649

AFFECTED PRODUCTS

vendor: apple, model: mac os x, scope: eq, version: 10.4

Trust: 1.6

vendor: apple computer, model: -, scope: -, version: -

Trust: 0.8

vendor: apple, model: mac os, scope: eq, version: x10.4

Trust: 0.3

sources: CERT/CC: VU#983429 // BID: 89877 // CNNVD: CNNVD-200506-112 // NVD: CVE-2005-1933

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-1933
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#983429
value: 1.58

Trust: 0.8

CNNVD: CNNVD-200506-112
value: HIGH

Trust: 0.6

VULHUB: VHN-13142
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2005-1933
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-13142
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#983429 // VULHUB: VHN-13142 // CNNVD: CNNVD-200506-112 // NVD: CVE-2005-1933

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1933

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200506-112

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200506-112

EXTERNAL IDS

db: CERT/CC, id: VU#983429

Trust: 2.9

db: NVD, id: CVE-2005-1933

Trust: 2.0

db: CNNVD, id: CNNVD-200506-112

Trust: 0.7

db: BID, id: 89877

Trust: 0.4

db: SECUNIA, id: 16047

Trust: 0.2

db: VULHUB, id: VHN-13142

Trust: 0.1

db: PACKETSTORM, id: 38649

Trust: 0.1

sources: CERT/CC: VU#983429 // VULHUB: VHN-13142 // BID: 89877 // PACKETSTORM: 38649 // CNNVD: CNNVD-200506-112 // NVD: CVE-2005-1933

REFERENCES

url:http://www1.cs.columbia.edu/~aaron/files/widgets/

Trust: 2.9

url:http://www.kb.cert.org/vuls/id/983429

Trust: 2.1

url:http://docs.info.apple.com/article.html?artnum=301722

Trust: 0.8

url:http://developer.apple.com/documentation/appleapplications/conceptual/dashboard_tutorial/index.html

Trust: 0.8

url:http://www.apple.com/macosx/features/dashboard/

Trust: 0.8

url:http://www.appleinsider.com/article.php?id=1073

Trust: 0.8

url:http://developer.apple.com/qa/qa2004/qa1373.html

Trust: 0.8

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/16047/

Trust: 0.1

url:http://www.apple.com/support/downloads/macosxserver1042combo.html

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://www.apple.com/support/downloads/macosxupdate1042combo.html

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://docs.info.apple.com/article.html?artnum=301948

Trust: 0.1

url:http://secunia.com/product/96/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://www.apple.com/support/downloads/macosxupdate1042.html

Trust: 0.1

sources: CERT/CC: VU#983429 // VULHUB: VHN-13142 // BID: 89877 // PACKETSTORM: 38649 // CNNVD: CNNVD-200506-112 // NVD: CVE-2005-1933

CREDITS

Unknown

Trust: 0.3

sources: BID: 89877

SOURCES

db: CERT/CC, id: VU#983429
db: VULHUB, id: VHN-13142
db: BID, id: 89877
db: PACKETSTORM, id: 38649
db: CNNVD, id: CNNVD-200506-112
db: NVD, id: CVE-2005-1933

LAST UPDATE DATE

2024-08-14T14:08:48.630000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#983429, date: 2006-02-22T00:00:00
db: VULHUB, id: VHN-13142, date: 2008-09-05T00:00:00
db: BID, id: 89877, date: 2005-06-13T00:00:00
db: CNNVD, id: CNNVD-200506-112, date: 2011-07-14T00:00:00
db: NVD, id: CVE-2005-1933, date: 2008-09-05T20:50:27.963

SOURCES RELEASE DATE

db: CERT/CC, id: VU#983429, date: 2005-06-08T00:00:00
db: VULHUB, id: VHN-13142, date: 2005-06-13T00:00:00
db: BID, id: 89877, date: 2005-06-13T00:00:00
db: PACKETSTORM, id: 38649, date: 2005-07-14T05:31:13
db: CNNVD, id: CNNVD-200506-112, date: 2005-06-13T00:00:00
db: NVD, id: CVE-2005-1933, date: 2005-06-13T04:00:00