CVEブラウザに戻る

CVE-2007-4703

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0210%

EPSS Percentile27.72th

Published2007年11月15日

Last Modified2026年4月23日

Vulnerability Description

The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions.

Affected Platforms (CPE)

💻

Apple

Mac Os X

= 10.5

💻

Apple

Mac Os X Server

= 10.5

References & Advisories

🔗 http://docs.info.apple.com/article.html?artnum=307004

🔗 http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html

🔗 http://secunia.com/advisories/27695

🔗 http://securitytracker.com/id?1018958

🔗 http://www.securityfocus.com/bid/26460

🔗 http://www.vupen.com/english/advisories/2007/3897

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/38479

🔗 http://docs.info.apple.com/article.html?artnum=307004

関連する脆弱性情報

CVE-2003-100910.0

Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authenti...

CVE-2000-038410.0

NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the Ne...

CVE-1999-108610.0

Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrat...

CVE-2004-009210.0

Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.