{ "schema_version": "1.4.0", "id": "GHSA-vfxp-4fv7-7wjm", "modified": "2022-05-01T06:54:49Z", "published": "2022-05-01T06:54:49Z", "aliases": [ "CVE-2006-1985" ], "details": "Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1985" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25945" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/19686" }, { "type": "WEB", "url": "http://secunia.com/advisories/20077" }, { "type": "WEB", "url": "http://securitytracker.com/id?1016082" }, { "type": "WEB", "url": "http://www.osvdb.org/24819" }, { "type": "WEB", "url": "http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233" }, { "type": "WEB", "url": "http://www.security-protocols.com/sp-x25-advisory.php" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/17634" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/17951" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2006/1452" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2006/1779" } ], "database_specific": { "cwe_ids": [ "CWE-119" ], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2006-04-21T22:02:00Z" } }