Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4699

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4699
Last Modified 21 Jul 2013 02:22:52
Published 14 Nov 2007 09:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4699

Summary

The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions.

Vulnerable Systems

Application

  • Apple Safari


References

CERT - TA07-319A

APPLE - APPLE-SA-2007-11-14

XF - macosx-webkit-security-bypass(38485)

VUPEN - ADV-2007-3868

BID - 26444

SECTRACK - 1018948

SECUNIA - 27643

CONFIRM - http://docs.info.apple.com/article.html?artnum=307041

Related Patches

Apple 2007-11-14 Mac OS X 10.4.11 Update (PPC)

Apple 2007-11-14 Mac OS X 10.4.11 Combo Update (PPC)

Apple 2007-11-14 Mac OS X Server 10.4.11 Combo Update (PPC)

Apple 2007-11-14 Mac OS X Server 10.4.11 Update (PPC)


Last Updated: 27 May 2016 10:45:57