CyberSec.Space Logo
Back to CVE Browser

CVE-2007-4703

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0210%
EPSS Percentile27.72th
PublishedNov 15, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions.

Affected Platforms (CPE)

πŸ’»
Apple

Mac Os X

= 10.5
πŸ’»
Apple

Mac Os X Server

= 10.5

References & Advisories

πŸ”— http://docs.info.apple.com/article.html?artnum=307004
πŸ”— http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html
πŸ”— http://secunia.com/advisories/27695
πŸ”— http://securitytracker.com/id?1018958
πŸ”— http://www.securityfocus.com/bid/26460
πŸ”— http://www.vupen.com/english/advisories/2007/3897
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/38479
πŸ”— http://docs.info.apple.com/article.html?artnum=307004

Related Vulnerabilities

CVE-2003-100910.0

Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authenti...

CVE-2000-038410.0

NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the Ne...

CVE-1999-108610.0

Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrat...

CVE-2004-009210.0

Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.