{
  "id": "CVE-2006-6173",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-11-30T16:28:00.000",
  "lastModified": "2017-07-29T01:29:22.203",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la funci\u00f3n shared_region_make_private_np de vm/vm_unix.c de Mac OS X 10.4.6 y versiones anteriores permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) un contador de rango peque\u00f1o, que provoca insuficiencia de reserva de memoria, \u00f3 (2) un gran n\u00famero de rangos en el par\u00e1metro shared_region_make_private_np_args."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "10.4.6",
              "matchCriteriaId": "64FE6DF4-2A1B-4867-B047-4BC32BDF926C"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://docs.info.apple.com/article.html?artnum=305214",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://projects.info-pull.com/mokb/MOKB-28-11-2006.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://securitytracker.com/id?1017306",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/21349",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securitytracker.com/id?1017751",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html",
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/4762",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2007/0930",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30569",
      "source": "cve@mitre.org"
    }
  ]
}