CVE-2007-0738

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.4 through 10.4.9

Description The issue concerns the Login Window in Apple Mac OS X, where the screen saver authentication dialog is not displayed under certain conditions when the computer wakes from sleep. This occurs despite the option to require a password to wake the computer from sleep being enabled, allowing local users to bypass authentication controls.

Recommendations For Apple Mac OS X versions 10.4 through 10.4.9, consider disabling the sleep function or setting the computer to never sleep to minimize the risk of exploitation until a fix is available. As a temporary workaround, ensure that physical access to the computer is restricted to authorized personnel.