Lucene search

[email protected]CVE-2007-0162

HistoryJan 10, 2007 - 12:28 a.m.

CVE-2007-0162

2007-01-1000:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

unsanity

ape

insecure permissions

local privilege escalation

6.9 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Unsanity Application Enhancer (APE) 2.0.2 installs with insecure permissions for the (1) ApplicationEnhancer binary and the (2) /Library/Frameworks/ApplicationEnhancer.framework directory, which allows local users to gain privileges by modifying or replacing the binary or library files.

CPENameOperatorVersion
unsanity:application_enhancerunsanity application enhancereq2.0.2

CPE	Name	Operator	Version
unsanity:application_enhancer	unsanity application enhancer	eq	2.0.2

References

landonf.bikemonkey.org/code/macosx/MOAB_Day_8.20070109002959.18582.timor.html

osvdb.org/32661

projects.info-pull.com/moab/MOAB-08-01-2007.html

secunia.com/advisories/23649

www.securityfocus.com/bid/21951

exchange.xforce.ibmcloud.com/vulnerabilities/31349

6.9 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2007-0162

cvelist1 securityvulns1 prion1