CVE-2007-0752

EPSS 0.23%
Published 24.05.2007 22:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ macOS X Version10.4.8

Apple ≫ macOS X Server Version10.4.8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.23%	0.426

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://docs.info.apple.com/article.html?artnum=305530

http://lists.apple.com/archives/security-announce/2007/May/msg00004.html

http://secunia.com/advisories/25402

http://www.vupen.com/english/advisories/2007/1939

http://www.securityfocus.com/bid/24144

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537

Vendor Advisory

http://www.osvdb.org/35144

http://www.securitytracker.com/id?1018124

https://exchange.xforce.ibmcloud.com/vulnerabilities/34503

https://nvd.nist.gov/vuln/detail/CVE-2007-0752

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0752

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0752

EUVD