Описание
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to the address space of the setuid process.
Ссылки
- Broken Link
- Broken Link
- Mailing List
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryUS Government Resource
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Broken Link
- Mailing List
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryUS Government Resource
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 10.4.0 (включая) до 10.4.10 (включая)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00147
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-665
Связанные уязвимости
CVSS3: 7.8
github
почти 4 года назад
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to the address space of the setuid process.
EPSS
Процентиль: 36%
0.00147
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-665