PT-2007-1518 · Apple · Macos X

Published

2007-01-23

Updated

2017-07-29

CVE-2007-0022

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apple Mac OS X version 10.4.8

Description The issue is related to an untrusted search path vulnerability in the writeconfig component of Apple Mac OS X. This vulnerability allows local users to gain privileges by modifying the PATH environment variable to point to a malicious launchctl program.

Recommendations For Apple Mac OS X version 10.4.8, consider restricting access to the launchctl program to minimize the risk of exploitation until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0022

Affected Products

Macos X

PT-2007-1518 · Apple · Macos X

CVE-2007-0022

Related Identifiers

Affected Products

References · 13