Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0046

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0046
Last Modified 07 Mar 2011 10:03:50
Published 18 Mar 2008 06:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0046

Summary

The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.5.2

  • Apple Mac Os X Server 10.5.2


References

CERT - TA08-079A

APPLE - APPLE-SA-2008-03-18

XF - macos-applicationfirewall-weak-security(41317)

VUPEN - ADV-2008-0924

SECTRACK - 1019658

BID - 28368

BID - 28304

SECUNIA - 29420

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

Related Patches

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)


Last Updated: 27 May 2016 10:46:39