CVE-2006-6061 - Vulnerability Details - OpenCVE

com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Mac Os X Mac Os X Server

Configuration 1 [-]

OR	cpe:2.3:o:apple:mac_os_x:10.4.8:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*

No data.

References

Link	Providers
http://alastairs-place.net/2006/11/dmg-vulnerability/
http://docs.info.apple.com/article.html?artnum=305214
http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://projects.info-pull.com/mokb/MOKB-20-11-2006.html
http://secunia.com/advisories/23012
http://secunia.com/advisories/24479
http://securitytracker.com/id?1017260
http://www.kb.cert.org/vuls/id/367424
http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/
http://www.osvdb.org/30509
http://www.securityfocus.com/bid/21201
http://www.securitytracker.com/id?1017751
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.vupen.com/english/advisories/2006/4629
http://www.vupen.com/english/advisories/2007/0930
https://exchange.xforce.ibmcloud.com/vulnerabilities/30440

History

Fri, 11 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.36746}`	epss `{'score': 0.37594}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-22T01:00:00

Updated: 2024-08-07T20:12:31.580Z

Reserved: 2006-11-21T00:00:00

Link: CVE-2006-6061

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-11-22T01:07:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2006-6061

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-20T00:00:00", "descriptions": [{"lang": "en", "value": "com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://alastairs-place.net/2006/11/dmg-vulnerability/"}, {"name": "TA07-072A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "APPLE-SA-2007-03-13", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "1017751", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017751"}, {"name": "23012", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23012"}, {"tags": ["x_refsource_MISC"], "url": "http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/"}, {"name": "ADV-2006-4629", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4629"}, {"name": "30509", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/30509"}, {"tags": ["x_refsource_MISC"], "url": "http://projects.info-pull.com/mokb/MOKB-20-11-2006.html"}, {"name": "VU#367424", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/367424"}, {"name": "ADV-2007-0930", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "1017260", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017260"}, {"name": "21201", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21201"}, {"tags": ["x_refsource_MISC"], "url": "http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html"}, {"name": "macosx-dmg-code-execution(30440)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30440"}, {"name": "24479", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24479"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6061", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://alastairs-place.net/2006/11/dmg-vulnerability/", "refsource": "MISC", "url": "http://alastairs-place.net/2006/11/dmg-vulnerability/"}, {"name": "TA07-072A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "APPLE-SA-2007-03-13", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"name": "http://docs.info.apple.com/article.html?artnum=305214", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "1017751", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017751"}, {"name": "23012", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23012"}, {"name": "http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/", "refsource": "MISC", "url": "http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/"}, {"name": "ADV-2006-4629", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4629"}, {"name": "30509", "refsource": "OSVDB", "url": "http://www.osvdb.org/30509"}, {"name": "http://projects.info-pull.com/mokb/MOKB-20-11-2006.html", "refsource": "MISC", "url": "http://projects.info-pull.com/mokb/MOKB-20-11-2006.html"}, {"name": "VU#367424", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/367424"}, {"name": "ADV-2007-0930", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "1017260", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017260"}, {"name": "21201", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21201"}, {"name": "http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html", "refsource": "MISC", "url": "http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html"}, {"name": "macosx-dmg-code-execution(30440)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30440"}, {"name": "24479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24479"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:12:31.580Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://alastairs-place.net/2006/11/dmg-vulnerability/"}, {"name": "TA07-072A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "APPLE-SA-2007-03-13", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "1017751", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017751"}, {"name": "23012", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23012"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/"}, {"name": "ADV-2006-4629", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4629"}, {"name": "30509", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/30509"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://projects.info-pull.com/mokb/MOKB-20-11-2006.html"}, {"name": "VU#367424", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/367424"}, {"name": "ADV-2007-0930", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "1017260", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017260"}, {"name": "21201", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21201"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html"}, {"name": "macosx-dmg-code-execution(30440)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30440"}, {"name": "24479", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24479"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6061", "datePublished": "2006-11-22T01:00:00", "dateReserved": "2006-11-21T00:00:00", "dateUpdated": "2024-08-07T20:12:31.580Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address."}, {"lang": "es", "value": "com.apple.AppleDiskImagecontroller en Apple Mac OS X 10.4.8, y posiblemente otras versiones, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una imagen DMG mal formada que provoca una corrupci\u00f3n de memoria. NOTA: la severidad de este asunto ha sido impugnada por una tercera parte, la cual afirma que el impacto est\u00e1 limitado a una denegaci\u00f3n de servicio (error irrecuperable en el n\u00facleo del sistema, kernel panic) debido a una llamada vm_faultcon una direcci\u00f3n no alineada."}], "id": "CVE-2006-6061", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2006-11-22T01:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://alastairs-place.net/2006/11/dmg-vulnerability/"}, {"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"source": "cve@mitre.org", "url": "http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://projects.info-pull.com/mokb/MOKB-20-11-2006.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23012"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24479"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017260"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/367424"}, {"source": "cve@mitre.org", "url": "http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/30509"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/21201"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017751"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4629"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30440"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://alastairs-place.net/2006/11/dmg-vulnerability/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://projects.info-pull.com/mokb/MOKB-20-11-2006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23012"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24479"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017260"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/367424"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/30509"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/21201"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017751"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4629"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30440"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}