CVE-2008-0046

MEDIUM

Description

The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.

References

http://docs.info.apple.com/article.html?artnum=307562

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

http://secunia.com/advisories/29420

http://www.securityfocus.com/bid/28304

http://www.securityfocus.com/bid/28368

http://www.securitytracker.com/id?1019658

http://www.us-cert.gov/cas/techalerts/TA08-079A.html

http://www.vupen.com/english/advisories/2008/0924/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/41317

Details

Source: MITRE

Published: 2008-03-18

Updated: 2017-08-08

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM