Info

Disclosure

Feb 19, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Mar 05, 2007

Description

Classification

Location: Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified, Coordinated Disclosure

Solution

Upgrade to version 7.1.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

Security Tracker: 1017725
CVE ID: 2007-0714 (see also: NVD)
Bugtraq ID: 22827 22844
Secunia Advisory ID: 24359
SCIP VulDB ID: 2972
ISS X-Force ID: 32819
Related OSVDB ID: 33898 33899 33900 33901 33903 33904 33905
CERT VU: 861817
VUPEN Advisory: ADV-2007-0825
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0030.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0003.html
http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html
http://www.securityfocus.com/archive/1/archive/1/461999/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/462153/100/0/threaded
Vendor Specific Advisory URL: http://docs.info.apple.com/article.html?artnum=305149
Other Advisory URL: http://secway.org/advisory/AD20070306.txt
http://www.zerodayinitiative.com/advisories/ZDI-07-010.html
US-CERT Cyber Security Alert: TA07-065A
CERT: TA07-065A

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/33902