← Back

CVE-2008-3609

nvd nist
Published: Sep 16, 2008Modified: Apr 23, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly flush cached credentials during recycling (aka purging) of a vnode, which might allow local users to bypass the intended read or write permissions of a file.

Affected (10)

Apple
2 products
Mac Os X
Mac Os X Server
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Mac Os X
Version 10.5.1
Mac Os X
Version 10.5.2
Mac Os X
Version 10.5.3
Mac Os X
Version 10.5.4
Mac Os X
Version 10.5
Apple
Mac Os X Server
Version 10.5.1
Mac Os X Server
Version 10.5.2
Mac Os X Server
Version 10.5.3
Mac Os X Server
Version 10.5.4
Mac Os X Server
Version 10.5

Related CWEs

CWE-264
CWE-264

References (14)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.