Apple Mac OS X UserNotificationCenter privilege escalation
Published:		24.01.2007
Source:		MOAB
SecurityVulns ID:		7101
Type:		local
Level:		6/10
Description:		Application doesn't droup wheel group privileges.

Affected:		APPLE : Mac OS X 10.4
CVE:		CVE-2007-0023 (The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user.)

Original document

MOAB, MOAB-22-01-2007: Apple UserNotificationCenter Privilege Escalation Vulnerability (24.01.2007)

Files:		"Exploit" for Apple UserNotificationCenter Privilege Escalation Vulnerability
Discuss:		Read or add your comments to this news (0 comments)