Vulnerabilities > CVE-2017-2675

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

objective-development

obdev

NVD

Published: 2017-04-06

Updated: 2023-11-07

Summary

Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file "at.obdev.littlesnitchd.plist" which gets installed to /Library/LaunchDaemons.

Vulnerable Configurations

Part	Description	Count
Application	Objective_Development Objective Development Little Snitch 3.7.3 Objective Development Little Snitch 3.6.3 Objective Development Little Snitch 3.7.2 Objective Development Little Snitch 3.7 Objective Development Little Snitch 3.7.1 Objective Development Little Snitch 3.6.2 Objective Development Little Snitch 3.6.4	7
Application	Obdev Obdev Little Snitch 3.0 Obdev Little Snitch 3.0.1 Obdev Little Snitch 3.0.2 Obdev Little Snitch 3.0.3 Obdev Little Snitch 3.0.4 Obdev Little Snitch 3.1 Obdev Little Snitch 3.1.1 Obdev Little Snitch 3.3 Obdev Little Snitch 3.3.1 Obdev Little Snitch 3.3.2 Obdev Little Snitch 3.3.3 Obdev Little Snitch 3.3.4 Obdev Little Snitch 3.4 Obdev Little Snitch 3.4.1 Obdev Little Snitch 3.4.2 Obdev Little Snitch 3.5 Obdev Little Snitch 3.5.1 Obdev Little Snitch 3.5.2 Obdev Little Snitch 3.5.3 Obdev Little Snitch 3.6 Obdev Little Snitch 3.6.1	21

Vulnerabilities > CVE-2017-2675 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2017-2675"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2017-2675