Vulnerabilities > CVE-2007-0117 - Unspecified vulnerability in Apple mac OS X and mac OS X Server

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

apple

NVD

Published: 2007-01-09

Updated: 2011-03-08

Summary

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple MAC OS X Server 10.4.8 Apple MAC OS X 10.4.8	2

References

http://projects.info-pull.com/moab/MOAB-05-01-2007.html
http://www.securityfocus.com/bid/21899
http://secunia.com/advisories/23653
http://osvdb.org/31167
http://www.vupen.com/english/advisories/2007/0074