CVE-2007-0023

CVE-2007-0023 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user.

Learn more about our User Device Pen Test.