Insecure Permissions in Apple Mac OS X 10.4.x: Vulnerability in System Cache and Dashboard Widgets

Insecure Permissions in Apple Mac OS X 10.4.x: Vulnerability in System Cache and Dashboard Widgets

CVE-2005-1727 · LOW Severity

AV:L/AC:H/AU:N/C:P/I:P/A:P

Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions."

Learn more about our User Device Pen Test.