7.2

CVE-2006-4887

EPSS 0.07%
Veröffentlicht 19.09.2006 21:07:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation.  NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Apple Remote Desktop Version2.0.0

Apple ≫ Apple Remote Desktop Version2.1.0

Apple ≫ Apple Remote Desktop Version3.0.0

Apple ≫ macOS X Version <= 10.2.8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.211

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.osvdb.org/32260

http://www.securityfocus.com/archive/1/446371/100/0/threaded

http://www.securityfocus.com/archive/1/446751/100/0/threaded

http://www.securityfocus.com/archive/1/447043/100/0/threaded

http://www.securityfocus.com/bid/20092

https://exchange.xforce.ibmcloud.com/vulnerabilities/29060

https://nvd.nist.gov/vuln/detail/CVE-2006-4887

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4887

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4887

EUVD