CVE-2008-2313 — Apple MAC OS X vulnerability

CWE-2643 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 83.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedJul 1

Latest updateMay 1

Description

Apple Mac OS X before 10.5 uses weak permissions for the User Template directory, which allows local users to gain privileges by inserting a Trojan horse file into this directory.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDapple/mac_os_x15 versions+14

▶NVDapple/mac_os_x_server15 versions+14

🔴Vulnerability Details

GHSA

GHSA-7rj2-2mf4-xhf4: Apple Mac OS X before 10↗2022-05-01

▶

CVEList

CVE-2008-2313: Apple Mac OS X before 10↗2008-07-01

▶