Computer Security
[EN] securityvulns.ru no-pyccku


Apple Mac OS X UserNotificationCenter privilege escalation
Published:24.01.2007
Source:
SecurityVulns ID:7101
Type:local
Threat Level:
6/10
Description:Application doesn't droup wheel group privileges.
Affected:APPLE : Mac OS X 10.4
CVE:CVE-2007-0023 (The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user.)
Original documentdocumentMOAB, MOAB-22-01-2007: Apple UserNotificationCenter Privilege Escalation Vulnerability (24.01.2007)
Files:"Exploit" for Apple UserNotificationCenter Privilege Escalation Vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod