Vulnerability Details CVE-2007-4703
The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://docs.info.apple.com/article.html?artnum=307004
- http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html
- http://secunia.com/advisories/27695
- http://securitytracker.com/id?1018958
- http://www.securityfocus.com/bid/26460
- http://www.vupen.com/english/advisories/2007/3897
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38479
- http://docs.info.apple.com/article.html?artnum=307004
- http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html
- http://secunia.com/advisories/27695
- http://securitytracker.com/id?1018958
- http://www.securityfocus.com/bid/26460
- http://www.vupen.com/english/advisories/2007/3897
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38479
Products affected by CVE-2007-4703
-
cpe:2.3:o:apple:mac_os_x:10.5
-
cpe:2.3:o:apple:mac_os_x_server:10.5