7.2

CVE-2006-4887

EPSS 0.07%
Published 19.09.2006 21:07:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation.  NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ Apple Remote Desktop Version2.0.0

Apple ≫ Apple Remote Desktop Version2.1.0

Apple ≫ Apple Remote Desktop Version3.0.0

Apple ≫ macOS X Version <= 10.2.8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.211

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.osvdb.org/32260

http://www.securityfocus.com/archive/1/446371/100/0/threaded

http://www.securityfocus.com/archive/1/446751/100/0/threaded

http://www.securityfocus.com/archive/1/447043/100/0/threaded

http://www.securityfocus.com/bid/20092

https://exchange.xforce.ibmcloud.com/vulnerabilities/29060

https://nvd.nist.gov/vuln/detail/CVE-2006-4887

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4887

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4887

EUVD