CVE-2017-13908

Published: Dec 23, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able to execute non-executable text files via an SMB share.

Affected (9)

Products: Apple: Mac Os X

Apple

1 product

Mac Os X

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	From 10.11 to 10.11.6
Apple Mac Os X	From 10.12 to 10.12.5
Apple Mac Os X	Version 10.11.6
Apple Mac Os X	Version 10.11.6 security_update_2016-001
Apple Mac Os X	Version 10.11.6 security_update_2016-002
Apple Mac Os X	Version 10.11.6 security_update_2016-003
Apple Mac Os X	Version 10.11.6 security_update_2017-001
Apple Mac Os X	Version 10.11.6 security_update_2017-002
Apple Mac Os X	Version 10.11.6 security_update_2017-003

References (4)

https://support.apple.com/en-us/HT208144

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT208221

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT208144

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT208221

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.