CVE-2010-0498

Loading...

General

Score:7.2/10.0
Severity:Medium
Category:Access Control Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Local
Access Complexity:Low
Authentication:None

Published on 03/30/10 - Updated on 03/31/10

Description

Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors.

Category: Access Control Error

CWE-287 (Authentication Issues)
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Security Notices

US National Vulnerability DatabaseCVE-2010-0498
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2010-AVI-143

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
applemac_os_x
applemac_os_x_server

Share this vulnerability with:

Twitter Facebook LinkedIn Mail