CVE-2007-4702

Published: Nov 15, 2007Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions.

Affected (2)

Products: Apple: Mac Os X, Mac Os X Server

2 products

Mac Os X Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.5
Apple Mac Os X Server	Version 10.5

References (14)

http://docs.info.apple.com/article.html?artnum=307004

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html

Source: cve@mitre.org

Patch

http://secunia.com/advisories/27695

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1018958

Source: cve@mitre.org

http://www.securityfocus.com/bid/26461

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/3897

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/38506

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=307004

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://secunia.com/advisories/27695

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1018958

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/26461

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/3897

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/38506

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.