First published: Wed Aug 02 2006(Updated: )
Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS and macOS | =10.4.7 | |
Apple macOS Server | =10.3.9 | |
Apple iOS and macOS | =10.3.9 | |
Apple macOS Server | =10.4.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-3497 has a severity level that implies a potential denial of service and the possibility of arbitrary code execution.
To fix CVE-2006-3497, you should update your Mac OS X to the latest version available to mitigate the vulnerability.
CVE-2006-3497 affects users of Apple Mac OS X versions 10.3.9 and 10.4.7, including the Server versions.
CVE-2006-3497 enables user-assisted attackers to cause application crashes and potentially execute arbitrary code via crafted Zip archives.
While there is no specific workaround for CVE-2006-3497, avoiding the use of suspicious Zip archives can reduce risk.