CVE-2010-0055

EUVD-2010-0087
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Affected Products (NVD)
VendorProductVersion
applemac_os_x
10.5.8
applemac_os_x_server
10.5.8
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xar
dapper
dne
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
ignored
maverick
dne
natty
dne
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
References
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://support.apple.com/kb/HT4077
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXQ3NRRTC4A3F3GW2RQNATJHYDIRSCBS/
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://support.apple.com/kb/HT4077
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXQ3NRRTC4A3F3GW2RQNATJHYDIRSCBS/