PT-2007-2198 · Apple · Macos X

Published

2007-04-24

Updated

2013-07-03

CVE-2007-0747

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.3.9 through 10.4.9

Description The issue concerns a problem with the load webdav component in Apple Mac OS X, where it fails to properly clean the environment when mounting a WebDAV filesystem. This allows local users to potentially gain privileges by setting unspecified environment variables, such as environment variables.

Recommendations For Apple Mac OS X versions 10.3.9 through 10.4.9, consider restricting access to the load webdav component until a proper fix is applied, and avoid setting sensitive environment variables when mounting WebDAV filesystems.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0747

Affected Products

Macos X

PT-2007-2198 · Apple · Macos X

CVE-2007-0747

Related Identifiers

Affected Products

References · 10