CVE-2007-0467

Apple Mac OS X 10.4.8 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0467. PoCs published by MoAB.

AI-analyzed exploit summary This exploit leverages a symlink attack in macOS CrashReporter to overwrite the root crontab, achieving local privilege escalation. It manipulates the __LINKEDIT segment of a binary to influence crash log output and create a malicious crontab entry.

Description

crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/.

Exploits (1)

exploitdb WORKING POC VERIFIED
by MoAB · rubylocalosx
https://www.exploit-db.com/exploits/3219

This exploit leverages a symlink attack in macOS CrashReporter to overwrite the root crontab, achieving local privilege escalation. It manipulates the __LINKEDIT segment of a binary to influence crash log output and create a malicious crontab entry.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: macOS CrashReporter (pre-2007)
Auth required
Prerequisites: Local access to a vulnerable macOS system · Ability to execute arbitrary commands
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31888
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Vendor Advisory x_refsource_confirm
http://docs.info.apple.com/article.html?artnum=305214
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017751
Exploit, Vendor Advisory x_refsource_misc
http://projects.info-pull.com/moab/MOAB-28-01-2007.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0930
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32706
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/363112
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24479

Scores

EPSS 0.0175
EPSS Percentile 74.8%

Details

Status published
Products (1)
apple/mac_os_x 10.4.8
Published Jan 31, 2007
Tracked Since Feb 18, 2026