Lucene search
MitreCVE-2007-1222HistoryMar 02, 2007 - 10:19 p.m.
CVE-2007-1222
2007-03-0222:19:00
mitre
web.nvd.nist.gov
26
cve-2007-1222
parallels desktop
mac
drag and drop
filesystem share
arbitrary code execution
launchd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
High
EPSS
0
Percentile
5.1%
Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows local users of the guest operating system to write arbitrary files to the host filesystem, and execute arbitrary code via launchd by writing a plist file to a LaunchAgents directory.
Affected configurations
Node
applemac_os_xMatch10.4.9
parallelsparallels_desktop
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | mac_os_x | 10.4.9 | cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:* |
| parallels | parallels_desktop | * | cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2007-03-02 22:19:00
cvelist
cvelist
CVE-2007-1222
2007-03-02 22:00:00
nvd
nvd
CVE-2007-1222
2007-03-02 22:19:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2007-1222