CVE-2006-1442

N/A Unknown

Published: May 12, 2006 Modified: April 16, 2026

Description

The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html

Source: cve@mitre.org

Patch

http://secunia.com/advisories/20077

Source: cve@mitre.org

http://securitytracker.com/id?1016080

Source: cve@mitre.org

http://www.osvdb.org/25586

Source: cve@mitre.org

http://www.securityfocus.com/bid/17951

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA06-132A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2006/1779

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/26407

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html