Back to search
CVE-2008-2830
Published: Jun 23, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and some other 10.4 and 10.5 versions, does not properly restrict the loading of scripting addition plugins, which allows local users to gain privileges via scripting addition commands to a privileged application, as originally demonstrated by an osascript tell command to ARDAgent.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2008-1905
vdb-entry
x_refsource_VUPEN
APPLE-SA-2008-07-31
vendor-advisory
x_refsource_APPLE
30776
third-party-advisory
x_refsource_SECUNIA
apple-macosx-ardagent-command-execution(43294)
vdb-entry
x_refsource_XF
http://it.slashdot.org/it/08/06/18/1919224.shtml
x_refsource_MISC
29831
vdb-entry
x_refsource_BID
1020345
vdb-entry
x_refsource_SECTRACK
APPLE-SA-2008-09-16
vendor-advisory
x_refsource_APPLE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now