Vulnerability-Lookup

CVE-2007-5829 (GCVE-0-2007-5829)

Vulnerability from cvelistv5 – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://securityresponse.symantec.com/avcenter/sec…	x_refsource_CONFIRM
	http://securitytracker.com/id?1018890	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/27488	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/26253	vdb-entryx_refsource_BID
	http://securitytracker.com/id?1018889	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2007/3698	vdb-entryx_refsource_VUPEN
	http://osvdb.org/40864	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.262Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
          },
          {
            "name": "1018890",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018890"
          },
          {
            "name": "symantec-av-mac-privilege-escalation(38229)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
          },
          {
            "name": "27488",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27488"
          },
          {
            "name": "26253",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26253"
          },
          {
            "name": "1018889",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018889"
          },
          {
            "name": "ADV-2007-3698",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3698"
          },
          {
            "name": "40864",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40864"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
        },
        {
          "name": "1018890",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018890"
        },
        {
          "name": "symantec-av-mac-privilege-escalation(38229)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
        },
        {
          "name": "27488",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27488"
        },
        {
          "name": "26253",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26253"
        },
        {
          "name": "1018889",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018889"
        },
        {
          "name": "ADV-2007-3698",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3698"
        },
        {
          "name": "40864",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40864"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5829",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
            },
            {
              "name": "1018890",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018890"
            },
            {
              "name": "symantec-av-mac-privilege-escalation(38229)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
            },
            {
              "name": "27488",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27488"
            },
            {
              "name": "26253",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26253"
            },
            {
              "name": "1018889",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018889"
            },
            {
              "name": "ADV-2007-3698",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3698"
            },
            {
              "name": "40864",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40864"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5829",
    "datePublished": "2007-11-05T19:00:00",
    "dateReserved": "2007-11-05T00:00:00",
    "dateUpdated": "2024-08-07T15:47:00.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5829\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-11-05T19:46:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \\\"Show Progress During Mount Scans\\\" option is enabled.\"},{\"lang\":\"es\",\"value\":\"El esc\u00e1ner Disk Mount en Symantec AntiVirus para Macintosh versiones 9.x y 10.x, Norton AntiVirus para Macintosh versiones 10.0 y 10.1 y Norton Internet Security para Macintosh versiones 3.x , usa un directorio con permisos d\u00e9biles (grupo grabable), que permite a usuarios administradores locales alcanzar privilegios de root mediante la sustituci\u00f3n de archivos no especificados, que se ejecutan cuando un usuario con acceso f\u00edsico inserta un disco y la opci\u00f3n \\\"Show Progress During Mount Scans\\\" est\u00e1 habilitada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:S/C:C/I:C/A:C\",\"baseScore\":6.0,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"497635AC-D7F2-4A5C-8C37-DA493C9681A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"242D33E8-1B6B-4562-9F2A-1B34E3B7BC71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"252ACD1B-323F-4139-880D-89D600F29986\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"B2D0922A-3EA3-4BC9-9311-9DCA57338CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"7225A578-8F62-42BD-99AC-D3385478613A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.1:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"2A061F24-0256-47F4-A1DD-702A0031EAAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"D2259605-B720-42B0-8476-6CAE07C7B143\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/40864\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27488\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1018889\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1018890\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26253\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3698\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38229\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/40864\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27488\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1018889\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1018890\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26253\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3698\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38229\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200711-0405

Vulnerability from variot - Updated: 2025-04-10 23:18

The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled. Symantec AntiVirus for Macintosh is prone to a local privilege-escalation vulnerability. This issue occurs in the Mount Scan feature. An attacker with group 'admin' privileges can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published

How do you know which Secunia advisories are important to you?

The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.

The weakness is caused due to insecure permissions on the "/Library/Application Support" folder. replacing a certain application within the affected folder or tricking the Disk Mount scanner into launching an arbitrary executable by renaming folders.

Successful exploitation requires membership of the "admin" group and that "mount scanning" is enabled and configured to show the progress. Linux and Windows versions are not affected.

SOLUTION: The vendor recommends to disable "Show Progress During Mount Scans" and to set the sticky bit for the folder "Library/Application Support" (see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: The vendor credits William Carrel.

ORIGINAL ADVISORY: http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200711-0405",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.3"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "10.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.2"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "10.0 and  10.1"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "3.x"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "internet security for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "antivirus for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1"
      },
      {
        "model": "antivirus for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "11.0"
      },
      {
        "model": "antivirus for macintosh",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "26253"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:symantec:norton_antivirus",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:symantec:norton_internet_security",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "William Carrel is credited with discovering this vulnerability.",
    "sources": [
      {
        "db": "BID",
        "id": "26253"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2007-5829",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.5,
            "id": "CVE-2007-5829",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.5,
            "id": "VHN-29191",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:H/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-5829",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-5829",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200711-054",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-29191",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled. Symantec AntiVirus for Macintosh is prone to a local privilege-escalation vulnerability. This issue occurs in the Mount Scan feature. \nAn attacker with group \u0027admin\u0027 privileges can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nThe weakness is caused due to insecure permissions on the\n\"/Library/Application Support\" folder. replacing a certain\napplication within the affected folder or tricking the Disk Mount\nscanner into launching an arbitrary executable by renaming folders. \n\nSuccessful exploitation requires membership of the \"admin\" group and\nthat \"mount scanning\" is enabled and configured to show the\nprogress. Linux and Windows versions are not affected. \n\nSOLUTION:\nThe vendor recommends to disable \"Show Progress During Mount Scans\"\nand to set the sticky bit for the folder \"Library/Application\nSupport\" (see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits William Carrel. \n\nORIGINAL ADVISORY:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-5829"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "db": "BID",
        "id": "26253"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "db": "PACKETSTORM",
        "id": "60672"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-5829",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "26253",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "27488",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1018890",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1018889",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-3698",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "40864",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "38229",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-29191",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "60672",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "db": "BID",
        "id": "26253"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "db": "PACKETSTORM",
        "id": "60672"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "id": "VAR-200711-0405",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29191"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-10T23:18:06.707000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SYM07-028",
        "trust": 0.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2007.11.02.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/26253"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/40864"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1018889"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1018890"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/27488"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/3698"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5829"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5829"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/38229"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/3698"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/norton/products/overview.jsp?pcid=ma\u0026pvid=nav10mac"
      },
      {
        "trust": 0.3,
        "url": "http://blog.carrel.org/2007/11/security-advisory-norton-antivirus-for.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/avcenter/security/content/2007.11.02.html"
      },
      {
        "trust": 0.3,
        "url": "http://service1.symantec.com/support/num.nsf/docid/2008022610250611"
      },
      {
        "trust": 0.3,
        "url": "http://service1.symantec.com/support/ent-security.nsf/docid/2008021511052348"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5951/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14768/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/27488/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5949/"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5948/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "db": "BID",
        "id": "26253"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "db": "PACKETSTORM",
        "id": "60672"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "db": "BID",
        "id": "26253"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "db": "PACKETSTORM",
        "id": "60672"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-11-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "date": "2007-11-01T00:00:00",
        "db": "BID",
        "id": "26253"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "date": "2007-11-05T16:03:55",
        "db": "PACKETSTORM",
        "id": "60672"
      },
      {
        "date": "2007-11-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      },
      {
        "date": "2007-11-05T19:46:00",
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29191"
      },
      {
        "date": "2008-02-28T16:12:00",
        "db": "BID",
        "id": "26253"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      },
      {
        "date": "2007-11-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      },
      {
        "date": "2025-04-09T00:30:58.490000",
        "db": "NVD",
        "id": "CVE-2007-5829"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "26253"
      },
      {
        "db": "PACKETSTORM",
        "id": "60672"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Macintosh For  Symantec AntiVirus Of products such as  Disk Mount In the scanner  root Privileged vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-006298"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-054"
      }
    ],
    "trust": 0.6
  }
}

GHSA-H32X-CWV5-64XP

Vulnerability from github – Published: 2022-05-01 18:37 – Updated: 2022-05-01 18:37

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-5829"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-11-05T19:46:00Z",
    "severity": "MODERATE"
  },
  "details": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled.",
  "id": "GHSA-h32x-cwv5-64xp",
  "modified": "2022-05-01T18:37:06Z",
  "published": "2022-05-01T18:37:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5829"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/40864"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27488"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018889"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018890"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26253"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3698"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-5829

Vulnerability from fkie_nvd - Published: 2007-11-05 19:46 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/40864
cve@mitre.org	http://secunia.com/advisories/27488	Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html
cve@mitre.org	http://securitytracker.com/id?1018889
cve@mitre.org	http://securitytracker.com/id?1018890
cve@mitre.org	http://www.securityfocus.com/bid/26253
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3698	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38229
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/40864
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27488	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018889
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018890
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26253
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3698	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38229

Impacted products

Vendor	Product	Version
symantec	norton_antivirus	9.0
symantec	norton_antivirus	9.0.1
symantec	norton_antivirus	9.0.2
symantec	norton_antivirus	9.0.3
symantec	norton_antivirus	10.0
symantec	norton_antivirus	10.1
symantec	norton_internet_security	3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "497635AC-D7F2-4A5C-8C37-DA493C9681A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "242D33E8-1B6B-4562-9F2A-1B34E3B7BC71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "252ACD1B-323F-4139-880D-89D600F29986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "7225A578-8F62-42BD-99AC-D3385478613A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "2A061F24-0256-47F4-A1DD-702A0031EAAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "D2259605-B720-42B0-8476-6CAE07C7B143",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."
    },
    {
      "lang": "es",
      "value": "El esc\u00e1ner Disk Mount en Symantec AntiVirus para Macintosh versiones 9.x y 10.x, Norton AntiVirus para Macintosh versiones 10.0 y 10.1 y Norton Internet Security para Macintosh versiones 3.x , usa un directorio con permisos d\u00e9biles (grupo grabable), que permite a usuarios administradores locales alcanzar privilegios de root mediante la sustituci\u00f3n de archivos no especificados, que se ejecutan cuando un usuario con acceso f\u00edsico inserta un disco y la opci\u00f3n \"Show Progress During Mount Scans\" est\u00e1 habilitada."
    }
  ],
  "id": "CVE-2007-5829",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-05T19:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40864"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27488"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018889"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018890"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26253"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3698"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018889"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018890"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2007-5829

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-5829

Aliases

CVE-2007-5829

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-5829",
    "description": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled.",
    "id": "GSD-2007-5829"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-5829"
      ],
      "details": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled.",
      "id": "GSD-2007-5829",
      "modified": "2023-12-13T01:21:41.200340Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-5829",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
          },
          {
            "name": "1018890",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1018890"
          },
          {
            "name": "symantec-av-mac-privilege-escalation(38229)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
          },
          {
            "name": "27488",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27488"
          },
          {
            "name": "26253",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26253"
          },
          {
            "name": "1018889",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1018889"
          },
          {
            "name": "ADV-2007-3698",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3698"
          },
          {
            "name": "40864",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/40864"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5829"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the \"Show Progress During Mount Scans\" option is enabled."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html"
            },
            {
              "name": "26253",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26253"
            },
            {
              "name": "1018889",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1018889"
            },
            {
              "name": "1018890",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1018890"
            },
            {
              "name": "27488",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27488"
            },
            {
              "name": "40864",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/40864"
            },
            {
              "name": "ADV-2007-3698",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3698"
            },
            {
              "name": "symantec-av-mac-privilege-escalation(38229)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38229"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 1.5,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-29T01:33Z",
      "publishedDate": "2007-11-05T19:46Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-5829 (GCVE-0-2007-5829)

VAR-200711-0405

GHSA-H32X-CWV5-64XP

FKIE_CVE-2007-5829

GSD-2007-5829

Tags

Sightings

Nomenclature