PT-2007-1816 · Apple · Activity Monitor.app (+4 more)

Published: 2007-01-18
Updated: 2017-10-19
CVE: CVE-2007-0345
CVSS v2.0: 6.8 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Mac OS X version 10.4.8
Description: The issue concerns weak permissions in certain programs within Mac OS X, specifically the Activity Monitor.app, Keychain Access.app, and ODBC Administrator.app. These weak permissions allow local admin users to modify the programs and subsequently gain root privileges by performing permissions repair via diskutil.
Recommendations: For Mac OS X version 10.4.8, consider restricting write access to the affected programs to prevent local admin users from modifying them. As a temporary workaround, avoid using the diskutil permissions repair feature until a fix is available.


Related Identifiers

CVE-2007-0345

Affected Products

Activity Monitor.app
Keychain Access.app
Mac OS X
ODBC Administrator.app
diskutil