CVE-2007-0430

Apple Mac OS X < 10.4.8 - Denial of Service via Large mappingCount Value

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0430. PoCs published by Adriano Lima.

AI-analyzed exploit summary This exploit targets a vulnerability in Mac OS X's shared region mapping mechanism by calling `shared_region_map_file_np` with crafted arguments to trigger a denial-of-service condition. It opens `/usr/lib/libSystem.dylib` and attempts to map it in a way that causes system instability.

Description

The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Adriano Lima · cdososx

https://www.exploit-db.com/exploits/3167

View Code ZIP pw:eip

This exploit targets a vulnerability in Mac OS X's shared region mapping mechanism by calling `shared_region_map_file_np` with crafted arguments to trigger a denial-of-service condition. It opens `/usr/lib/libSystem.dylib` and attempts to map it in a way that causes system instability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Mac OS X (specific version not specified, but likely pre-2007)

No auth needed

Prerequisites: Access to a vulnerable Mac OS X system

MITRE ATT&CK