PT-2006-5208 · Apple · Macos X

Published

2006-11-30

Updated

2011-03-08

CVE-2006-4404

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions prior to 10.4.8

Description The Installer application in Apple Mac OS X does not authenticate the user before installing certain software requiring system privileges when used by a user with Admin credentials.

Recommendations For Apple Mac OS X versions prior to 10.4.8, consider restricting the use of the Installer application to minimize the risk of exploitation until a fix is available. As a temporary workaround, ensure that only trusted users have Admin credentials to reduce the potential for unauthorized software installation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4404

Affected Products

Macos X

PT-2006-5208 · Apple · Macos X

CVE-2006-4404

Related Identifiers

Affected Products

References · 9