CVE-2007-4699 : The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permi

The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions.

Published 2007-11-15 02:46:00

Updated 2017-07-29 01:33:07

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2007-4699

Probability of exploitation activity in the next 30 days: 1.36%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 86 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-4699

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2007-4699

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2007-4699

http://www.us-cert.gov/cas/techalerts/TA07-319A.html

Page Not Found | CISA
US Government Resource

CVEs referencing this url
http://securitytracker.com/id?1018948

CVEs referencing this url
http://www.vupen.com/english/advisories/2007/3868

Webmail: access your OVH emails on ovhcloud.com | OVHcloud

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/38485
http://www.securityfocus.com/bid/26444

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html

Patch

CVEs referencing this url
http://docs.info.apple.com/article.html?artnum=307041

CVEs referencing this url

Products affected by CVE-2007-4699

Apple » Safari
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Matching versions
When used together with: Apple » Mac Os X » Version: 10.4.1
When used together with: Apple » Mac Os X » Version: 10.4.2
When used together with: Apple » Mac Os X » Version: 10.4.3
When used together with: Apple » Mac Os X » Version: 10.4.4
When used together with: Apple » Mac Os X » Version: 10.4.5
When used together with: Apple » Mac Os X » Version: 10.4.6
When used together with: Apple » Mac Os X » Version: 10.4.7
When used together with: Apple » Mac Os X » Version: 10.4.8
When used together with: Apple » Mac Os X » Version: 10.4.9
When used together with: Apple » Mac Os X » Version: 10.4.10
When used together with: Apple » Mac Os X Server » Version: 10.4.1
When used together with: Apple » Mac Os X Server » Version: 10.4.2
When used together with: Apple » Mac Os X Server » Version: 10.4.3
When used together with: Apple » Mac Os X Server » Version: 10.4.4
When used together with: Apple » Mac Os X Server » Version: 10.4.5
When used together with: Apple » Mac Os X Server » Version: 10.4.6
When used together with: Apple » Mac Os X Server » Version: 10.4.7
When used together with: Apple » Mac Os X Server » Version: 10.4.8
When used together with: Apple » Mac Os X Server » Version: 10.4.9
When used together with: Apple » Mac Os X Server » Version: 10.4.10

Vulnerability Details : CVE-2007-4699

Exploit prediction scoring system (EPSS) score for CVE-2007-4699

CVSS scores for CVE-2007-4699

CWE ids for CVE-2007-4699

References for CVE-2007-4699

Products affected by CVE-2007-4699