CVE-2007-3749

2007-11-15T01:46:00
ID CVE-2007-3749
Type cve
Reporter cve@mitre.org
Modified 2017-07-29T01:32:00

Description

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to the address space of the setuid process.