ID

VAR-200701-0510


CVE

CVE-2007-0102


TITLE

Apple Mac OS X Preview Implemented in Adobe PDF Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-001335

DESCRIPTION

The Adobe PDF specification 1.3, as implemented by Apple Mac OS X Preview, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Publisher file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user. Publisher is a tool in the Microsoft Office suite of office software for creating, personalizing and sharing a variety of publications and marketing materials. Publisher did not properly validate application data when loading Publisher files into memory, and did not validate memory index values ​​when opening specially crafted Publisher files. If a user is tricked into opening a malicious .pub file, memory corruption could be triggered, resulting in arbitrary command execution. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Mac OS X Mach-O Universal Binary Memory Corruption SECUNIA ADVISORY ID: SA23088 VERIFY ADVISORY: http://secunia.com/advisories/23088/ CRITICAL: Less critical IMPACT: DoS, System access WHERE: Local system OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION: LMH has reported a vulnerability in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges. The vulnerability is caused due to an error in the fatfile_getarch2() function. This can be exploited to cause an integer overflow and may potentially allow execution of arbitrary code with kernel privileges via a specially crafted Mach-O Universal binary. The vulnerability is reported in a fully patched Mac OS X (2006-11-26). Other versions may also be affected. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: LMH ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-26-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.16

sources: NVD: CVE-2007-0102 // JVNDB: JVNDB-2007-001335 // BID: 27739 // VULHUB: VHN-23464 // VULMON: CVE-2007-0102 // PACKETSTORM: 52529

AFFECTED PRODUCTS

vendor:applemodel:previewscope:eqversion:3.0.8

Trust: 1.6

vendor:applemodel:previewscope: - version: -

Trust: 0.8

vendor:microsoftmodel:publisher sp2scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:publisherscope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:publisher sp3scope:eqversion:2002

Trust: 0.3

vendor:microsoftmodel:publisherscope:eqversion:2002

Trust: 0.3

vendor:microsoftmodel:publisher sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:publisherscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:publisher sp3scope:neversion:2003

Trust: 0.3

sources: BID: 27739 // JVNDB: JVNDB-2007-001335 // CNNVD: CNNVD-200701-054 // NVD: CVE-2007-0102

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-0102
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-0102
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200701-054
value: MEDIUM

Trust: 0.6

VULHUB: VHN-23464
value: MEDIUM

Trust: 0.1

VULMON: CVE-2007-0102
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-0102
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-23464
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-23464 // VULMON: CVE-2007-0102 // JVNDB: JVNDB-2007-001335 // CNNVD: CNNVD-200701-054 // NVD: CVE-2007-0102

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-23464 // JVNDB: JVNDB-2007-001335 // NVD: CVE-2007-0102

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200701-054

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200701-054

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001335

PATCH

title:Top Pageurl:http://www.apple.com/macosx/

Trust: 0.8

title: - url:https://github.com/0xCyberY/CVE-T4PDF

Trust: 0.1

sources: VULMON: CVE-2007-0102 // JVNDB: JVNDB-2007-001335

EXTERNAL IDS

db:NVDid:CVE-2007-0102

Trust: 2.9

db:USCERTid:TA07-072A

Trust: 2.6

db:BIDid:21910

Trust: 1.8

db:VUPENid:ADV-2007-0930

Trust: 1.8

db:OSVDBid:31221

Trust: 1.8

db:SECTRACKid:1017749

Trust: 1.8

db:SECUNIAid:24479

Trust: 1.8

db:JVNDBid:JVNDB-2007-001335

Trust: 0.8

db:CNNVDid:CNNVD-200701-054

Trust: 0.7

db:CERT/CCid:TA07-072A

Trust: 0.6

db:XFid:31364

Trust: 0.6

db:BIDid:27739

Trust: 0.4

db:VULHUBid:VHN-23464

Trust: 0.1

db:VULMONid:CVE-2007-0102

Trust: 0.1

db:SECUNIAid:23088

Trust: 0.1

db:PACKETSTORMid:52529

Trust: 0.1

sources: VULHUB: VHN-23464 // VULMON: CVE-2007-0102 // BID: 27739 // JVNDB: JVNDB-2007-001335 // PACKETSTORM: 52529 // CNNVD: CNNVD-200701-054 // NVD: CVE-2007-0102

REFERENCES

url:http://www.us-cert.gov/cas/techalerts/ta07-072a.html

Trust: 2.6

url:http://www.securityfocus.com/bid/21910

Trust: 1.8

url:http://docs.info.apple.com/article.html?artnum=305214

Trust: 1.8

url:http://projects.info-pull.com/moab/moab-06-01-2007.html

Trust: 1.8

url:http://osvdb.org/31221

Trust: 1.8

url:http://www.securitytracker.com/id?1017749

Trust: 1.8

url:http://secunia.com/advisories/24479

Trust: 1.8

url:http://www.vupen.com/english/advisories/2007/0930

Trust: 1.2

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/31364

Trust: 1.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0102

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0102

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/31364

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2007/0930

Trust: 0.6

url:http://office.microsoft.com/en-us/publisher/default.aspx

Trust: 0.3

url:http://www.microsoft.com/technet/security/bulletin/ms08-012.mspx

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.securityfocus.com/bid/27739

Trust: 0.1

url:https://github.com/0xcybery/cve-t4pdf

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://projects.info-pull.com/mokb/mokb-26-11-2006.html

Trust: 0.1

url:http://corporate.secunia.com/products/48/?r=l

Trust: 0.1

url:http://secunia.com/advisories/23088/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/96/

Trust: 0.1

url:http://corporate.secunia.com/how_to_buy/15/?r=l

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-23464 // VULMON: CVE-2007-0102 // BID: 27739 // JVNDB: JVNDB-2007-001335 // PACKETSTORM: 52529 // CNNVD: CNNVD-200701-054 // NVD: CVE-2007-0102

CREDITS

Piotr Bania bania.piotr@gmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200701-054

SOURCES

db:VULHUBid:VHN-23464
db:VULMONid:CVE-2007-0102
db:BIDid:27739
db:JVNDBid:JVNDB-2007-001335
db:PACKETSTORMid:52529
db:CNNVDid:CNNVD-200701-054
db:NVDid:CVE-2007-0102

LAST UPDATE DATE

2024-11-23T20:20:01.744000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-23464date:2017-07-29T00:00:00
db:VULMONid:CVE-2007-0102date:2017-07-29T00:00:00
db:BIDid:27739date:2016-07-05T21:38:00
db:JVNDBid:JVNDB-2007-001335date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200701-054date:2007-01-15T00:00:00
db:NVDid:CVE-2007-0102date:2024-11-21T00:24:58.520

SOURCES RELEASE DATE

db:VULHUBid:VHN-23464date:2007-01-09T00:00:00
db:VULMONid:CVE-2007-0102date:2007-01-09T00:00:00
db:BIDid:27739date:2008-02-12T00:00:00
db:JVNDBid:JVNDB-2007-001335date:2012-06-26T00:00:00
db:PACKETSTORMid:52529date:2006-11-28T00:52:20
db:CNNVDid:CNNVD-200701-054date:2007-01-08T00:00:00
db:NVDid:CVE-2007-0102date:2007-01-09T00:28:00