FKIE_CVE-2008-4219

Vulnerability from fkie_nvd - Published: 2008-12-17 01:30 - Updated: 2026-04-23 00:35
Severity
Summary
The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application.
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce//2008//Dec/msg00000.htmlVendor Advisory
cve@mitre.orghttp://secunia.com/advisories/33179Vendor Advisory
cve@mitre.orghttp://support.apple.com/kb/HT3338Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/32839
cve@mitre.orghttp://www.securityfocus.com/bid/32873
cve@mitre.orghttp://www.securitytracker.com/id?1021404
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA08-350A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/3444
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33179Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3338Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/32839
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/32873
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021404
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-350A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/3444
Impacted products
Vendor Product Version
apple mac_os_x *
apple mac_os_x 10.5
apple mac_os_x 10.5.1
apple mac_os_x 10.5.2
apple mac_os_x 10.5.3
apple mac_os_x 10.5.4
apple mac_os_x_server *
apple mac_os_x_server 10.5
apple mac_os_x_server 10.5.1
apple mac_os_x_server 10.5.2
apple mac_os_x_server 10.5.3
apple mac_os_x_server 10.5.4
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75D6FCB-40E7-4A52-A4CC-CB99C64FA319",
              "versionEndIncluding": "10.5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59451C51-8DF8-40AB-8B57-40FD70E69DB8",
              "versionEndIncluding": "10.5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application."
    },
    {
      "lang": "es",
      "value": "El n\u00facleo en Apple Mac OS X versiones anteriores a 10.5.6 permite a usuarios locales provocar una denegaci\u00f3n de servicio (bucle infinito y parada del sistema) mediante la ejecuci\u00f3n de una aplicaci\u00f3n que est\u00e1 din\u00e1micamente enlazada a librebr\u00edas en un servidor NFS, relacionado con la aparici\u00f3n de una excepci\u00f3n es esta aplicaci\u00f3n."
    }
  ],
  "id": "CVE-2008-4219",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-12-17T01:30:00.343",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33179"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3338"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/32839"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/32873"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1021404"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/3444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/32839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/32873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/3444"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.