CVE-2007-0724

Sažetak

The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.

Reference

http://docs.info.apple.com/article.html?artnum=305214
http://docs.info.apple.com/article.html?artnum=305391
http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://secunia.com/advisories/24479
http://secunia.com/advisories/24966
http://www.osvdb.org/34855
http://www.securityfocus.com/bid/22948
http://www.securitytracker.com/id?1017751
http://www.securitytracker.com/id?1017942
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.us-cert.gov/cas/techalerts/TA07-109A.html
http://www.vupen.com/english/advisories/2007/0930
http://www.vupen.com/english/advisories/2007/1470
https://exchange.xforce.ibmcloud.com/vulnerabilities/32973

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-07-2017 - 01:30

Objavljeno

13-03-2007 - 22:19