PT-2007-6822 · Oracle+1 · Java+1

Published

2007-12-18

Updated

2011-03-08

CVE-2007-5862

CVSS v2.0

9.4

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Mac OS X versions 10.4 through 10.4.11

Description The issue allows remote attackers to bypass Keychain access controls, enabling them to add or delete arbitrary Keychain items. This is achieved through a crafted Java applet.

Recommendations For Mac OS X versions 10.4 through 10.4.11, consider disabling Java applets until a patch is available to prevent exploitation.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2007-5862

Affected Products

Java

Macos X

PT-2007-6822 · Oracle+1 · Java+1

CVE-2007-5862

Weakness Enumeration

Related Identifiers

Affected Products

References · 6