CVE-2007-5847 — Race Condition in Apple MAC OS X

CWE-362 — Race Condition2 documents2 sources

Severity

6.6MEDIUMNVD

EPSS

0.0%

top 85.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedDec 19

Latest updateMay 1

Description

Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information.

CVSS vector

AV:L/AC:L/C:C/I:C/A:NExploitability: 3.9 | Impact: 9.2

Affected Packages1 packages

▶NVDapple/mac_os_x10.4.11

🔴Vulnerability Details

GHSA

GHSA-q27h-gwfg-f2vw: Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10↗2022-05-01

▶