CVE-2005-0716

Apple Mac OS X - Buffer Overflow

Title source: rule

Description

Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Kevin Finisterre · perllocalosx

https://www.exploit-db.com/exploits/2111

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by vade79 · clocalosx

https://www.exploit-db.com/exploits/896

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/13224

[Vendor Advisory] http://www.idefense.com/application/poi/display?id=219&type=vulnerabilities

Scores

EPSS 0.0020

EPSS Percentile 41.7%

Details

Status published

Products (16)

apple/mac_os_x 10.3

apple/mac_os_x 10.3.1

apple/mac_os_x 10.3.2

apple/mac_os_x 10.3.3

apple/mac_os_x 10.3.4

apple/mac_os_x 10.3.5

apple/mac_os_x 10.3.6

apple/mac_os_x 10.3.7

apple/mac_os_x 10.3.8

apple/mac_os_x_server 10.3

... and 6 more

Published Mar 21, 2005

Tracked Since Feb 18, 2026