← back
CVE-2009-1236

CVE-2009-1236

EPSS 8.4%
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/8262unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/34424https://www.exploit-db.com/exploits/8262http://www.digit-labs.org/files/exploits/xnu-appletalk-zip.chttp://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=216401181http://www.securityfocus.com/bid/34201