← Back

CVE-2007-3749

nvd nist
Published: Nov 15, 2007Modified: Apr 23, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to the address space of the setuid process.

Affected (1)

Products: Apple: Mac Os X
Apple
1 product
Mac Os X
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Mac Os X
From 10.4.0 to 10.4.10

Related CWEs

CWE-665
Improper Initialization
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

References (16)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Broken LinkVendor Advisory
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken LinkThird Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken LinkVendor Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.