CVE-2007-0022

Name of the Vulnerable Software and Affected Versions Apple Mac OS X version 10.4.8

Description The issue is related to an untrusted search path vulnerability in the writeconfig component of Apple Mac OS X. This vulnerability allows local users to gain privileges by modifying the PATH environment variable to point to a malicious launchctl program.

Recommendations For Apple Mac OS X version 10.4.8, consider restricting access to the launchctl program to minimize the risk of exploitation until a patch is available.