Sign-up

ID

VAR-200702-0380


CVE

CVE-2007-0644


TITLE

Apple Safari Format string vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2007-001491 // CNNVD: CNNVD-200701-590

DESCRIPTION

Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions. Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to arbitrary memory locations, which can facilitate the execution of arbitrary machine code with the privileges of a targeted application. Failed exploit attempts will likely crash the application. Help Viewer 3.0.0, Safari 2.0.4, iMovie HD 6.0.3, and iPhoto 6.0.5 are reported affected; other versions may be vulnerable as well

Trust: 1.98

sources: NVD: CVE-2007-0644 // JVNDB: JVNDB-2007-001491 // BID: 22326 // VULHUB: VHN-24006

AFFECTED PRODUCTS

vendor:applemodel:safariscope:eqversion:2.0.4_419.3

Trust: 1.6

vendor:applemodel:safariscope:eqversion:2.0.4

Trust: 1.1

vendor:applemodel:mac os serverscope:eqversion:x10.4.10

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:iphotoscope:eqversion:6.0.5(316)

Trust: 0.3

vendor:applemodel:imovie hdscope:eqversion:6.0.3

Trust: 0.3

vendor:applemodel:help viewerscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.4.11

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.4.11

Trust: 0.3

sources: BID: 22326 // JVNDB: JVNDB-2007-001491 // CNNVD: CNNVD-200701-590 // NVD: CVE-2007-0644

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-0644
value: HIGH

Trust: 1.0

NVD: CVE-2007-0644
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200701-590
value: HIGH

Trust: 0.6

VULHUB: VHN-24006
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-0644
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-24006
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-24006 // JVNDB: JVNDB-2007-001491 // CNNVD: CNNVD-200701-590 // NVD: CVE-2007-0644

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0644

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200701-590

TYPE

format string

Trust: 0.6

sources: CNNVD: CNNVD-200701-590

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-001491

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-24006

PATCH
title:Security Update 2007-004url:http://support.apple.com/kb/TA24690?viewlocale=en_US
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-001491

EXTERNAL IDS
db:NVDid:CVE-2007-0644
Trust: 2.8
db:BIDid:22326
Trust: 2.0
db:OSVDBid:32710
Trust: 1.7
db:JVNDBid:JVNDB-2007-001491
Trust: 0.8
db:CNNVDid:CNNVD-200701-590
Trust: 0.6
db:SEEBUGid:SSVID-83047
Trust: 0.1
db:EXPLOIT-DBid:29555
Trust: 0.1
db:VULHUBid:VHN-24006
Trust: 0.1
sources:
            
            
            VULHUB: VHN-24006 // 
            
            
            
            BID: 22326 // 
            
            
            
            JVNDB: JVNDB-2007-001491 // 
            
            
            
            CNNVD: CNNVD-200701-590 // 
            
            
            
            NVD: CVE-2007-0644

REFERENCES
url:http://www.securityfocus.com/bid/22326
Trust: 1.7
url:http://www.digitalmunition.com/moab-30-01-2007.html
Trust: 1.7
url:http://www.osvdb.org/32710
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0644
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0644
Trust: 0.8
url:http://blog.trendmicro.com/chinese-weekend-compromise/
Trust: 0.3
url:http://software.cisco.com/download/navigator.html?mdfid=283613663
Trust: 0.3
url:http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=js_iframe.ad
Trust: 0.3
url:http://www.digitalmunition.com/moab-30-01-2007.html#poc
Trust: 0.3
url:http://docs.info.apple.com/article.html?artnum=305391
Trust: 0.3
sources:
            
            
            VULHUB: VHN-24006 // 
            
            
            
            BID: 22326 // 
            
            
            
            JVNDB: JVNDB-2007-001491 // 
            
            
            
            CNNVD: CNNVD-200701-590 // 
            
            
            
            NVD: CVE-2007-0644

CREDITS
Discovered by LMH <lmh@info-pull.com> and KF.
Trust: 0.3
sources:
            
            
            BID: 22326

SOURCES
db:VULHUBid:VHN-24006
db:BIDid:22326
db:JVNDBid:JVNDB-2007-001491
db:CNNVDid:CNNVD-200701-590
db:NVDid:CVE-2007-0644

LAST UPDATE DATE
2025-04-10T20:22:36.288000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-24006date:2008-09-05T00:00:00
db:BIDid:22326date:2016-07-06T14:40:00
db:JVNDBid:JVNDB-2007-001491date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200701-590date:2007-02-02T00:00:00
db:NVDid:CVE-2007-0644date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-24006date:2007-02-01T00:00:00
db:BIDid:22326date:2007-01-30T00:00:00
db:JVNDBid:JVNDB-2007-001491date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200701-590date:2007-01-31T00:00:00
db:NVDid:CVE-2007-0644date:2007-02-01T00:28:00