Unrated severityNVD Advisory· Published May 12, 2006· Updated Jun 16, 2026

CVE-2006-1442

Description

The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Apple Inc./Mac OS X3 versions
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
- (no CPE)range: 10.3.9 and 10.4.6

Patches

Vulnerability mechanics

References

lists.apple.com/archives/security-announce/2006/May/msg00003.htmlnvdPatch
www.us-cert.gov/cas/techalerts/TA06-132A.htmlnvdUS Government Resource
secunia.com/advisories/20077nvd
securitytracker.com/idnvd
www.osvdb.org/25586nvd
www.securityfocus.com/bid/17951nvd
www.vupen.com/english/advisories/2006/1779nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26407nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000