CVE-2007-0345
Last modified
CVE-2007-0345 is a vulnerability of currently unknown severity. The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain Access.app/Contents/Resources/kcproxy, and (3) ODBC Administrator.app/Contents/Resources/iodbcadmintool programs in /Applications/Utilities/ in Mac OS X 10.4.8 have weak permissions (writable by admin group), which allows local admin users to gain root privileges by modifying a program and then performing permissions repair via diskutil.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.
Description
The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain Access.app/Contents/Resources/kcproxy, and (3) ODBC Administrator.app/Contents/Resources/iodbcadmintool programs in /Applications/Utilities/ in Mac OS X 10.4.8 have weak permissions (writable by admin group), which allows local admin users to gain root privileges by modifying a program and then performing permissions repair via diskutil.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | 10.4.8 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-0345?
How severe is CVE-2007-0345?
How do I fix CVE-2007-0345?
Are you affected by CVE-2007-0345?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST