Lucene search

[email protected]NVD:CVE-2007-1222

HistoryMar 02, 2007 - 10:19 p.m.

CVE-2007-1222

2007-03-0222:19:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows local users of the guest operating system to write arbitrary files to the host filesystem, and execute arbitrary code via launchd by writing a plist file to a LaunchAgents directory.

Affected configurations

NVD

Node

applemac_os_xMatch10.4.9

AND

parallelsparallels_desktop

References

lists.immunitysec.com/pipermail/dailydave/2007-February/004091.html

osvdb.org/33799

secunia.com/advisories/24171

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2007-1222

cve1 prion1 cvelist1