Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-3749

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to the address space of the setuid process.

Published

2007-11-15T01:46:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-665

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	apple	mac_os_x	≤ 10.4.10	Yes

References

http://docs.info.apple.com/article.html?artnum=307041 Broken Link ([email protected])
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=630 Broken Link ([email protected])
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html Mailing List ([email protected])
http://secunia.com/advisories/27643 Broken Link, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/26444 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.us-cert.gov/cas/techalerts/TA07-319A.html Broken Link, Third Party Advisory, US Government Resource ([email protected])
http://www.vupen.com/english/advisories/2007/3868 Broken Link, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/38466 Third Party Advisory, VDB Entry ([email protected])
http://docs.info.apple.com/article.html?artnum=307041 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=630 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27643 Broken Link, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/26444 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA07-319A.html Broken Link, Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/3868 Broken Link, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38466 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)