CVE-2007-0465

CVE Database · CVE-2007-0465

CVE-2007-0465

· N/AModified

CVSS v3.1

N/A

EPSS

18.33%

Published

Jan 30, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBApple Installer Package 2.1.5 - Filename Format String

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.

Affected Products (2)

apple · installervulnerable

apple · mac_os_xvulnerable

References (20)

http://docs.info.apple.com/article.html?artnum=305391

http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

http://projects.info-pull.com/moab/MOAB-26-01-2007.html

Exploit

http://secunia.com/advisories/24966

http://www.osvdb.org/32705

http://www.securityfocus.com/bid/22272

Exploit

http://www.securitytracker.com/id?1017940

http://www.us-cert.gov/cas/techalerts/TA07-109A.html

US Government Resource

http://www.vupen.com/english/advisories/2007/1470

https://exchange.xforce.ibmcloud.com/vulnerabilities/31883

KEV Catalog EPSS Scores Vendors All CVEs