CVE-2007-0752

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537", "name": "20070524 Apple Computer Mac OS X pppd Plugin Loading Privilege Escalation Vulnerability", "tags": ["Vendor Advisory"], "refsource": "IDEFENSE"}, {"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html", "name": "APPLE-SA-2007-05-24", "tags": [], "refsource": "APPLE"}, {"url": "http://www.securityfocus.com/bid/24144", "name": "24144", "tags": [], "refsource": "BID"}, {"url": "http://www.osvdb.org/35144", "name": "35144", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.securitytracker.com/id?1018124", "name": "1018124", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/25402", "name": "25402", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2007/1939", "name": "ADV-2007-1939", "tags": [], "refsource": "VUPEN"}, {"url": "http://docs.info.apple.com/article.html?artnum=305530", "name": "http://docs.info.apple.com/article.html?artnum=305530", "tags": [], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34503", "name": "macos-pppd-privilege-escalation(34503)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-0752", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-05-24T22:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-29T01:30Z"}