Vulnerability Details CVE-2007-0724
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.0%
CVSS Severity
CVSS v2 Score 6.9
References
- http://docs.info.apple.com/article.html?artnum=305214
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
- http://secunia.com/advisories/24479
- http://secunia.com/advisories/24966
- http://www.osvdb.org/34855
- http://www.securityfocus.com/bid/22948
- http://www.securitytracker.com/id?1017751
- http://www.securitytracker.com/id?1017942
- http://www.us-cert.gov/cas/techalerts/TA07-072A.html
- http://www.us-cert.gov/cas/techalerts/TA07-109A.html
- http://www.vupen.com/english/advisories/2007/0930
- http://www.vupen.com/english/advisories/2007/1470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32973
- http://docs.info.apple.com/article.html?artnum=305214
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
- http://secunia.com/advisories/24479
- http://secunia.com/advisories/24966
- http://www.osvdb.org/34855
- http://www.securityfocus.com/bid/22948
- http://www.securitytracker.com/id?1017751
- http://www.securitytracker.com/id?1017942
- http://www.us-cert.gov/cas/techalerts/TA07-072A.html
- http://www.us-cert.gov/cas/techalerts/TA07-109A.html
- http://www.vupen.com/english/advisories/2007/0930
- http://www.vupen.com/english/advisories/2007/1470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32973
Products affected by CVE-2007-0724
-
cpe:2.3:o:apple:mac_os_x:10.3.9
-
cpe:2.3:o:apple:mac_os_x:10.4
-
cpe:2.3:o:apple:mac_os_x:10.4.1
-
cpe:2.3:o:apple:mac_os_x:10.4.2
-
cpe:2.3:o:apple:mac_os_x:10.4.3
-
cpe:2.3:o:apple:mac_os_x:10.4.4
-
cpe:2.3:o:apple:mac_os_x:10.4.5
-
cpe:2.3:o:apple:mac_os_x:10.4.6
-
cpe:2.3:o:apple:mac_os_x:10.4.7
-
cpe:2.3:o:apple:mac_os_x:10.4.8
-
cpe:2.3:o:apple:mac_os_x_server:10.4
-
cpe:2.3:o:apple:mac_os_x_server:10.4.1
-
cpe:2.3:o:apple:mac_os_x_server:10.4.2
-
cpe:2.3:o:apple:mac_os_x_server:10.4.3
-
cpe:2.3:o:apple:mac_os_x_server:10.4.4
-
cpe:2.3:o:apple:mac_os_x_server:10.4.5
-
cpe:2.3:o:apple:mac_os_x_server:10.4.6
-
cpe:2.3:o:apple:mac_os_x_server:10.4.7
-
cpe:2.3:o:apple:mac_os_x_server:10.4.8