Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2008-2830 |
Description: | Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and some other 10.4 and 10.5 versions, does not properly restrict the loading of scripting addition plugins, which allows local users to gain privileges via scripting addition commands to a privileged application, as originally demonstrated by an osascript tell command to ARDAgent. |
Test IDs: | None available |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-2830 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.apple.com/archives/security-announce//2008//Sep/msg00006.html BugTraq ID: 29831 http://www.securityfocus.com/bid/29831 http://it.slashdot.org/it/08/06/18/1919224.shtml http://www.securitytracker.com/id?1020345 http://secunia.com/advisories/30776 http://www.vupen.com/english/advisories/2008/1905/references XForce ISS Database: apple-macosx-ardagent-command-execution(43294) https://exchange.xforce.ibmcloud.com/vulnerabilities/43294 |