{"vuid":"VU#315856","idnumber":"315856","name":"Apple Mac OS X UserNotificationCenter privilege escalation vulnerability","keywords":["Apple","Mac","OS X","privilege escalation","UserNotificationCenter","CFUserNotificationSendRequest()","com.apple.UNCUserNotification","Apple-2007-002"],"overview":"Apple's UserNotificationCenter contains a vulnerability that may allow local users to gain elevated privileges.","clean_desc":"The Apple UserNotificationCenter contains a privilege escalation vulnerability. This vulnerability occurs because the Apple UserNotificationCenter runs with elevated privileges while operating on input submitted by users with normal privileges.","impact":"A user with valid login credentials may be able to run commands or modify system files with elevated privileges.","resolution":"Apply an update. This issue is addressed in Apple Security Update 2007-002.","workarounds":"","sysaffected":"","thanks":"LMH published this vulnerability on the Month of Apple Bugs website.","author":"This document was written by Ryan Giobbi.","public":["http://docs.info.apple.com/article.html?artnum=305102","http://developer.apple.com/documentation/CoreFoundation/Reference/CFUserNotificationRef/Reference/reference.html","http://projects.info-pull.com/moab/MOAB-22-01-2007.html","http://www.cocoadev.com/index.pl?InputManager","http://secunia.com/advisories/23846/","http://www.securityfocus.com/bid/22188","http://secunia.com/advisories/24198/"],"cveids":["CVE-2007-0023"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-01-23T16:55:01Z","publicdate":"2007-01-23T00:00:00Z","datefirstpublished":"2007-02-19T16:14:26Z","dateupdated":"2007-02-19T16:19:17Z","revision":23,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"18","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"5","cam_impact":"6","cam_easeofexploitation":"20","cam_attackeraccessrequired":"6","cam_scorecurrent":"1.485","cam_scorecurrentwidelyknown":"1.62","cam_scorecurrentwidelyknownexploited":"2.97","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.485,"vulnote":null}