CVE-2006-1985

Safari - Heap-Based Buffer Overflow via Long Path Names in Archive

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1985. PoCs published by Tom Ferris.

AI-analyzed exploit summary The provided text is a vulnerability summary for CVE-2006-1985, describing multiple security issues in Apple Mac OS X 10.4.6 and prior, including potential RCE and DoS vulnerabilities in Safari, Preview, Finder, QuickTime, and BOMArchiveHelper. No actual exploit code is present.

Description

Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Tom Ferris · textdososx

https://www.exploit-db.com/exploits/27715

View Code ZIP pw:eip

The provided text is a vulnerability summary for CVE-2006-1985, describing multiple security issues in Apple Mac OS X 10.4.6 and prior, including potential RCE and DoS vulnerabilities in Safari, Preview, Finder, QuickTime, and BOMArchiveHelper. No actual exploit code is present.

Classification

Writeup 90%

Attack Type

Other

Complexity

N/a

Reliability

N/a

Target: Apple Mac OS X 10.4.6 and prior

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/17951

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/24819

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/1779

Patch, Vendor Advisory x_refsource_misc

http://www.security-protocols.com/sp-x25-advisory.php

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA06-132A.html

Various Sources x_refsource_misc

http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016082

Patch vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/25945

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/1452

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/17634

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20077

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19686

Scores

EPSS 0.1391

EPSS Percentile 96.1%

Details

CWE

CWE-119

Status published

Products (38)

apple/mac_os_x 10.3

apple/mac_os_x 10.3.1

apple/mac_os_x 10.3.2

apple/mac_os_x 10.3.3

apple/mac_os_x 10.3.4

apple/mac_os_x 10.3.5

apple/mac_os_x 10.3.6

apple/mac_os_x 10.3.7

apple/mac_os_x 10.3.8

apple/mac_os_x 10.3.9

... and 28 more

Published Apr 21, 2006

Tracked Since Feb 18, 2026