CVE-2007-0162 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2007-0162
Status Candidate
Description Unsanity Application Enhancer (APE) 2.0.2 installs with insecure permissions for the (1) ApplicationEnhancer binary and the (2) /Library/Frameworks/ApplicationEnhancer.framework directory, which allows local users to gain privileges by modifying or replacing the binary or library files.
Severity Medium
CVSS score 4,2
CVSS vector (AV:L/AC:L/Au:R/C:C/I:C/A:C/B:N)
Phase Assigned (09.01.2007)
SecurityVulns: Unsanity Application Enhancer privilege escalation
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0162
References BID : 21951
MISC : http://landonf.bikemonkey.org/code/macosx/MOAB_Day...
MISC : http://projects.info-pull.com/moab/MOAB-08-01-2007...
SECUNIA : 23649
XF : ape-appenhancer-privilege-escalation(31349)