CVE-2009-0141Incorrect Permission Assignment in Apple MAC OS X

CWE-732Incorrect Permission Assignment4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 85.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedFeb 13
Latest updateMay 2

Description

XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure world-writable permissions, which allows local users to write to the Xterm of another user.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDapple/mac_os_x10.4.11, 10.5.6+1
NVDapple/mac_os_x_server10.4.11, 10.5.6+1

🔴Vulnerability Details

2
GHSA
GHSA-22v4-7fpv-5gx7: XTerm in Apple Mac OS X 102022-05-02
CVEList
CVE-2009-0141: XTerm in Apple Mac OS X 102009-02-13

📐Framework References

1
CWE
Incorrect Permission Assignment for Critical Resource
CVE-2009-0141 — Incorrect Permission Assignment | cvebase