|
|
CVE Reference: CVE-2008-2830 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2830 |
|
|
Description: Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and some other 10.4 and 10.5 versions, does not properly restrict the loading of scripting addition plugins, which allows local users to gain privileges via scripting addition commands to a privileged application, as originally demonstrated by an osascript tell command to ARDAgent. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/43294 ST 1020345 SAID Secunia Advisory: SA30776 MISC http://it.slashdot.org/it/08/06/18/1919224.shtml BID 29831 APPLE http://lists.apple.com/archives/security-announce//2008//Sep/msg00006.html http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html |
|
| Return to the previous page. |
