PT-2007-6793 · Norton · Norton Antivirus For Macintosh
Published: 2007-11-05 · Updated: 2017-07-29
CVE-2007-5829
CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Symantec AntiVirus for Macintosh versions 9.x through 10.x
Norton AntiVirus for Macintosh versions 10.0 through 10.1
Norton Internet Security for Macintosh versions 3.x
Description
The directory used by the Disk Mount scanner is group writable. Local admin users can exploit this weakness to gain root privileges. Exploitation occurs when a user with physical access inserts a disk while the "Show Progress During Mount Scans" option is enabled, which allows unspecified files that are executed during the mount scan to be replaced.
Recommendations
For Symantec AntiVirus for Macintosh versions 9.x through 10.x, consider disabling the "Show Progress During Mount Scans" option to minimize the risk of exploitation.
For Norton AntiVirus for Macintosh versions 10.0 through 10.1, restrict access to the directory used by the Disk Mount scanner to prevent unauthorized file replacements.
For Norton Internet Security for Macintosh versions 3.x, avoid using the Disk Mount scanner feature until a fix is applied, and ensure that physical access to the system is strictly controlled.
Affected Products
Norton Antivirus For Macintosh
Norton Internet Security For Macintosh
Symantec Antivirus For Macintosh