| Vulnerability Name: | CVE-2005-1472 (CCN-21134) | ||||||||
| Assigned: | 2005-05-16 | ||||||||
| Published: | 2005-05-16 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-1472 Source: CCN Type: AppleCare Knowledge Base Document 301630 About the security content of the Mac OS X 10.4.1 Update Source: APPLE Type: Patch, Vendor Advisory APPLE-SA-2005-05-19 Source: CCN Type: Mac OS X Web page Apple - Mac OS X Source: CCN Type: CIAC Information Bulletin P-205 P-205: Mac OS X 10.4.1 Update Source: CCN Type: OSVDB ID: 16726 Apple Mac OS X File System Search Arbitrary File Name Disclosure Source: CCN Type: BID-13695 Apple Mac OS X Local Filename Information Disclosure Vulnerability Source: XF Type: UNKNOWN kernel-filename-information-disclosure(21134) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||