Lucene search

[email protected]NVD:CVE-2007-1222

HistoryMar 02, 2007 - 10:19 p.m.

CVE-2007-1222

2007-03-0222:19:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows local users of the guest operating system to write arbitrary files to the host filesystem, and execute arbitrary code via launchd by writing a plist file to a LaunchAgents directory.

Affected configurations

NVD

Node

applemac_os_xMatch10.4.9

AND

parallelsparallels_desktop

References

lists.immunitysec.com/pipermail/dailydave/2007-February/004091.html

osvdb.org/33799

secunia.com/advisories/24171

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2007-1222

cve1 cvelist1 prion1