CVE-2006-4392

Name of the Vulnerable Software and Affected Versions Mach kernel versions used in Mac OS X 10.4 through 10.4.7 Mach kernel versions used in OpenStep before 4.2

Description The issue allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space. This modification causes the child to call a parent-controlled function.

Recommendations For Mac OS X 10.4 through 10.4.7, update to a version outside of this range to resolve the issue. For OpenStep before 4.2, update to version 4.2 or later to resolve the issue.