CVE-2007-4685 — Apple MAC OS X vulnerability

CWE-2642 documents2 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 83.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedNov 15

Latest updateMay 1

Description

The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDapple/mac_os_x10 versions+9

▶NVDapple/mac_os_x_server10 versions+9

Patches

Patch: lists.apple.com ↗Patch: lists.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-wfrw-vjm2-mx9r: The kernel in Apple Mac OS X 10↗2022-05-01

▶