BUGTRAQ ID: 26877
CVE ID:CVE-2007-5862
CNCVE ID:CNCVE-20075862
Apple Mac OS X是一款商业性质的基于BSD的操作系统。
Apple Mac OS X在执行部分操作时不正确验证用户信任信息,远程攻击者可以利用漏洞进行安全绕过攻击,修改其他用户帐户等操作。
Keychain升级的访问检查可绕过,特定构建的JAVA APPLET可增加或删除用户keychain中的项目而不对用户进行任何提示操作。可能导致修改其他用户帐户等攻击。
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10
补丁下载:
Apple Mac OS X Server 10.4.10
Apple Java for Mac OS X 10.4, Release 6
<a href=“http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat= target=_blank”>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=</a> 1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X 10.4.10
Apple Java for Mac OS X 10.4, Release 6
<a href=“http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat= target=_blank”>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=</a> 1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X Server 10.4.11
Apple Java for Mac OS X 10.4, Release 6
<a href=“http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat= target=_blank”>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=</a> 1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X 10.4.11
Apple Java for Mac OS X 10.4, Release 6
<a href=“http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat= target=_blank”>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=</a> 1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg