Vulnerability Description
The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | 10.4 |
References
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://secunia.com/advisories/24966
- http://www.osvdb.org/34864
- http://www.securityfocus.com/bid/23569Patch
- http://www.securitytracker.com/id?1017939
- http://www.us-cert.gov/cas/techalerts/TA07-109A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/1470
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://secunia.com/advisories/24966
- http://www.osvdb.org/34864
- http://www.securityfocus.com/bid/23569Patch
- http://www.securitytracker.com/id?1017939
- http://www.us-cert.gov/cas/techalerts/TA07-109A.htmlUS Government Resource
FAQ
What is CVE-2007-0739?
CVE-2007-0739 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, wh...
How severe is CVE-2007-0739?
CVE-2007-0739 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0739?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X.