Vulnerability Description
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | 10.3.9 |
| Apple | Mac Os X Server | 10.4 |
References
- http://docs.info.apple.com/article.html?artnum=305214
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlPatchVendor Advisory
- http://secunia.com/advisories/24479
- http://secunia.com/advisories/24966
- http://www.osvdb.org/34855
- http://www.securityfocus.com/bid/22948
- http://www.securitytracker.com/id?1017751
- http://www.securitytracker.com/id?1017942
- http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlUS Government Resource
- http://www.us-cert.gov/cas/techalerts/TA07-109A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/0930
- http://www.vupen.com/english/advisories/2007/1470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32973
FAQ
What is CVE-2007-0724?
CVE-2007-0724 is a vulnerability with a CVSS score of 6.9 (MEDIUM). The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events ...
How severe is CVE-2007-0724?
CVE-2007-0724 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0724?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Mac Os X Server.