// For flags

CVE-2007-4687

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files.

El componente remote_cmds de Apple Mac OS X 10.4 hasta 10.4.10 contiene un enlace simbólico desde el directorio privado tftpboot al directorio root, lo cual permite a usuarios tftpd escapar del directorio privado y acceder a archivos de su elección.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-09-05 CVE Reserved
  • 2007-11-15 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-16: Configuration
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.1
Search vendor "Apple" for product "Mac Os X" and version "10.4.1"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.2
Search vendor "Apple" for product "Mac Os X" and version "10.4.2"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.3
Search vendor "Apple" for product "Mac Os X" and version "10.4.3"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.4
Search vendor "Apple" for product "Mac Os X" and version "10.4.4"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.5
Search vendor "Apple" for product "Mac Os X" and version "10.4.5"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.6
Search vendor "Apple" for product "Mac Os X" and version "10.4.6"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.7
Search vendor "Apple" for product "Mac Os X" and version "10.4.7"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.8
Search vendor "Apple" for product "Mac Os X" and version "10.4.8"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.9
Search vendor "Apple" for product "Mac Os X" and version "10.4.9"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
10.4.10
Search vendor "Apple" for product "Mac Os X" and version "10.4.10"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.1
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.1"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.2
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.2"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.3
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.3"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.4
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.4"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.5
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.5"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.6
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.6"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.7
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.7"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.8
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.8"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.9
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.9"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
10.4.10
Search vendor "Apple" for product "Mac Os X Server" and version "10.4.10"
-
Affected