← back
CVE-2007-0117

CVE-2007-0117

EPSS 5.3%
DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/3088unverifiedexploitdbwww.exploit-db.com/exploits/3087unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/31167http://projects.info-pull.com/moab/MOAB-05-01-2007.htmlhttp://secunia.com/advisories/23653http://www.securityfocus.com/bid/21899http://www.vupen.com/english/advisories/2007/0074