CVE-2004-1398 Information

Description

Format string vulnerability in prelink.c in kextload in Apple OS X as used by TDIXSupport in Roxio Toast Titanium and possibly other products allows local users to execute arbitrary code via format string specifiers in the extension argument.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049452.html http://marc.info/?l=bugtraq&m=110305083706943&w=2 http://www.netragard.com/pdfs/research/apple-kext-tools-20060822.txt http://www.securityfocus.com/bid/11926 http://www.securityfocus.com/bid/20031 https://exchange.xforce.ibmcloud.com/vulnerabilities/18472