CVE-2007-0117

Published: Jan 9, 2007Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation.

Affected (2)

Products: Apple: Mac Os X, Mac Os X Server

2 products

Mac Os X Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.4.8
Apple Mac Os X Server	Version 10.4.8

References (10)

http://osvdb.org/31167

Source: cve@mitre.org

http://projects.info-pull.com/moab/MOAB-05-01-2007.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/23653

Source: cve@mitre.org

http://www.securityfocus.com/bid/21899

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0074

Source: cve@mitre.org

http://osvdb.org/31167

Source: af854a3a-2127-422b-91ae-364da2661108

http://projects.info-pull.com/moab/MOAB-05-01-2007.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://secunia.com/advisories/23653

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/21899

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0074

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.