CVE-2007-0724

high

Description

The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32973

http://www.vupen.com/english/advisories/2007/1470

http://www.vupen.com/english/advisories/2007/0930

http://www.us-cert.gov/cas/techalerts/TA07-109A.html

http://www.us-cert.gov/cas/techalerts/TA07-072A.html

http://www.securitytracker.com/id?1017942

http://www.securitytracker.com/id?1017751

http://www.securityfocus.com/bid/22948

http://www.osvdb.org/34855

http://secunia.com/advisories/24966

http://secunia.com/advisories/24479

http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

http://docs.info.apple.com/article.html?artnum=305391

http://docs.info.apple.com/article.html?artnum=305214

Details

Source: Mitre, NVD

Published: 2007-03-13

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics