CVE-2007-4685

The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."

Link	Resource
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html	Patch
http://docs.info.apple.com/article.html?artnum=307041
http://www.us-cert.gov/cas/techalerts/TA07-319A.html	US Government Resource
http://www.securityfocus.com/bid/26444
http://securitytracker.com/id?1018950
http://secunia.com/advisories/27643	Vendor Advisory
http://www.vupen.com/english/advisories/2007/3868
https://exchange.xforce.ibmcloud.com/vulnerabilities/38469

Configuration 1

cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*

---

Published : 2007-11-15 01:46

Updated : 2017-07-29 01:33

---

NVD link : CVE-2007-4685

Mitre link : CVE-2007-4685

No products.

CWE-264