Lucene search

[email protected]CVE-2007-0022

HistoryJan 23, 2007 - 12:28 a.m.

CVE-2007-0022

2007-01-2300:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0022

untrusted search path vulnerability

writeconfig

apple

mac os x 10.4.8

privilege escalation

nvd

6.2 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.4%

JSON

Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program.

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.4.8

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.4.8

References

docs.info.apple.com/article.html?artnum=305391

lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

projects.info-pull.com/moab/MOAB-21-01-2007.html

secunia.com/advisories/23793

secunia.com/advisories/24966

www.osvdb.org/31605

www.securityfocus.com/bid/22148

www.securitytracker.com/id?1017941

www.us-cert.gov/cas/techalerts/TA07-109A.html

www.vupen.com/english/advisories/2007/0074

www.vupen.com/english/advisories/2007/1470

exchange.xforce.ibmcloud.com/vulnerabilities/31677

6.2 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.4%

JSON

Related for CVE-2007-0022

securityvulns1 prion1 packetstorm1 nessus1