CVE-2007-0724
First published: Tue Mar 13 2007(Updated: )
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS and macOS | =10.4.3 | |
| Apple macOS Server | =10.4.3 | |
| Apple iOS and macOS | =10.4.1 | |
| Apple macOS Server | =10.4.2 | |
| Apple macOS Server | =10.4.4 | |
| Apple macOS Server | =10.4.1 | |
| Apple iOS and macOS | =10.4.7 | |
| Apple iOS and macOS | =10.4.4 | |
| Apple macOS Server | =10.4 | |
| Apple macOS Server | =10.4.5 | |
| Apple iOS and macOS | =10.4 | |
| Apple macOS Server | =10.4.6 | |
| Apple macOS Server | =10.4.8 | |
| Apple iOS and macOS | =10.4.6 | |
| Apple iOS and macOS | =10.4.5 | |
| Apple iOS and macOS | =10.3.9 | |
| Apple iOS and macOS | =10.4.8 | |
| Apple macOS Server | =10.4.7 | |
| Apple iOS and macOS | =10.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
- http://docs.info.apple.com/article.html?artnum=305214
- http://www.securityfocus.com/bid/22948
- http://www.securitytracker.com/id?1017751
- http://secunia.com/advisories/24479
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://www.securitytracker.com/id?1017942
- http://secunia.com/advisories/24966
- http://www.us-cert.gov/cas/techalerts/TA07-072A.html
- http://www.us-cert.gov/cas/techalerts/TA07-109A.html
- http://www.osvdb.org/34855
- http://www.vupen.com/english/advisories/2007/1470
- http://www.vupen.com/english/advisories/2007/0930
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32973
Frequently Asked Questions
What is the severity of CVE-2007-0724?
CVE-2007-0724 is a high severity vulnerability that allows local users to gain elevated privileges.
How do I fix CVE-2007-0724?
To fix CVE-2007-0724, users should update their Mac OS X systems to the latest version that addresses this vulnerability.
What versions of Apple Mac OS X are affected by CVE-2007-0724?
CVE-2007-0724 affects Apple Mac OS X versions 10.3.9 and 10.4 through 10.4.8.
What are the potential risks associated with CVE-2007-0724?
The risk associated with CVE-2007-0724 includes unauthorized access to keystrokes and potential privilege escalation by local users.
Is there a workaround for CVE-2007-0724?
There are no specific workarounds for CVE-2007-0724, and applying the security update is recommended.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple ios and macos
- version/apple ios and macos/10.4.3
- canonical/apple macos server
- version/apple macos server/10.4.3
- version/apple ios and macos/10.4.1
- version/apple macos server/10.4.2
- version/apple macos server/10.4.4
- version/apple macos server/10.4.1
- version/apple ios and macos/10.4.7
- version/apple ios and macos/10.4.4
- version/apple macos server/10.4
- version/apple macos server/10.4.5
- version/apple ios and macos/10.4
- version/apple macos server/10.4.6
- version/apple macos server/10.4.8
- version/apple ios and macos/10.4.6
- version/apple ios and macos/10.4.5
- version/apple ios and macos/10.3.9
- version/apple ios and macos/10.4.8
- version/apple macos server/10.4.7
- version/apple ios and macos/10.4.2