CVE-2008-0999

Published: Mar 18, 2008Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference.

Affected (2)

Products: Apple: Mac Os X, Mac Os X Server

Apple

2 products

Mac Os X

Mac Os X Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.5.2
Apple Mac Os X Server	Version 10.5.2

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (18)

http://docs.info.apple.com/article.html?artnum=307562

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Source: cve@mitre.org

Patch

http://secunia.com/advisories/29420

Source: cve@mitre.org

http://www.securityfocus.com/bid/28304

Source: cve@mitre.org

http://www.securityfocus.com/bid/28389

Source: cve@mitre.org

http://www.securitytracker.com/id?1019669

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA08-079A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2008/0924/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41280

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=307562