CVE-2007-5862

Java in Mac OS X <10.4.11 - Auth Bypass

Title source: llm

Description

Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.

References (5)

[Vendor Advisory] http://docs.info.apple.com/article.html?artnum=307177

[Mailing List] http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

[Patch, Vendor Advisory] http://secunia.com/advisories/28115

[Exploit, Patch] http://www.securityfocus.com/bid/26877

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/4224

Scores

EPSS 0.0030

EPSS Percentile 53.0%

Classification

CWE

CWE-287

Status draft

Affected Products (12)

apple/mac_os_x

Timeline

Published Dec 18, 2007

Tracked Since Feb 18, 2026