OpenCVE

Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Mac Os X Mac Os X Server

Configuration 1 [-]

OR	cpe:2.3:o:apple:mac_os_x:10.4.7:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*

No data.

References

Link	Providers
http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html
http://secunia.com/advisories/22068
http://securitytracker.com/id?1016903
http://www.kb.cert.org/vuls/id/563492
http://www.securityfocus.com/bid/20144
http://www.vupen.com/english/advisories/2006/3737

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-09-21T21:00:00

Updated: 2024-08-07T18:30:34.383Z

Reserved: 2006-07-10T00:00:00

Link: CVE-2006-3509

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-09-21T21:07:00.000

Modified: 2024-11-21T00:13:47.070

Link: CVE-2006-3509

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-09-21T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-09-25T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "22068", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22068"}, {"name": "ADV-2006-3737", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3737"}, {"name": "APPLE-SA-2006-09-21", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html"}, {"name": "VU#563492", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/563492"}, {"name": "1016903", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016903"}, {"name": "20144", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20144"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3509", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "22068", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22068"}, {"name": "ADV-2006-3737", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3737"}, {"name": "APPLE-SA-2006-09-21", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html"}, {"name": "VU#563492", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/563492"}, {"name": "1016903", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016903"}, {"name": "20144", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20144"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:30:34.383Z"}, "title": "CVE Program Container", "references": [{"name": "22068", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22068"}, {"name": "ADV-2006-3737", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3737"}, {"name": "APPLE-SA-2006-09-21", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html"}, {"name": "VU#563492", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/563492"}, {"name": "1016903", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016903"}, {"name": "20144", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20144"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3509", "datePublished": "2006-09-21T21:00:00", "dateReserved": "2006-07-10T00:00:00", "dateUpdated": "2024-08-07T18:30:34.383Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames."}, {"lang": "es", "value": "Desbordamiento de enteros en la API para el controlador de AirPort Wireless sobre Apple Mac OS X 10.4.7 que permitir\u00edan a un atacante cercano fisicamente provocar denegaci\u00f3n de serivicio(caida) o ejecutar c\u00f3digo de su elecci\u00f3n con un software de terceros que utiliza el API a trav\u00e9s de marcos artesanales."}], "id": "CVE-2006-3509", "lastModified": "2024-11-21T00:13:47.070", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-09-21T21:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/22068"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016903"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/563492"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20144"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3737"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/22068"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016903"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/563492"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/20144"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3737"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}