PT-2007-1602 · Apple · Diskutil+2

Published: 2007-01-09 · Updated: 2011-03-08 · CVE-2007-0117

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: DiskManagementTool in DiskManagement.framework version 92.29

Description: The issue arises from the improper validation of Bill of Materials (BOM) files by the DiskManagementTool. This allows attackers to gain privileges through a BOM file located under /Library/Receipts/, which can trigger arbitrary file permission changes when a diskutil permission repair operation is executed.

Recommendations: For DiskManagementTool in DiskManagement.framework version 92.29, consider restricting access to the /Library/Receipts/ directory to minimize the risk of exploitation until a proper fix is applied.


Related identifiers

CVE-2007-0117

Affected products

Diskmanagement.Framework
Diskmanagementtool
Diskutil