CVE-2007-0729 — Apple MAC OS X vulnerability

CWE-2642 documents2 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 75.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Preview.app Apple MAC OS X Server

Timeline

PublishedApr 24

Latest updateMay 1

Description

Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶NVDapple/mac_os_x40 versions+39

▶NVDapple/mac_os_x_server27 versions+26

▶NVDapple/mac_os_x_preview.app3.0.8

Patches

Patch: docs.info.apple.com ↗Patch: docs.info.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-whmj-7w3c-8prg: Apple File Protocol (AFP) Client in Apple Mac OS X 10↗2022-05-01

▶