CVE-2006-4387

{"id": "CVE-2006-4387", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-10-03T04:02:00.000", "references": [{"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/22187", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1016955", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29273", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/20271", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3852", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29296", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the \"Allow user to administer this computer\" checkbox in System Preferences for a user, does not remove the user's account from the appserveradm or appserverusr groups, which still allows the user to manage WebObjects applications."}, {"lang": "es", "value": "Apple Mac OS X 10.4 hasta la 10.4.7, cuando un administrador quita en la caja de selecci\u00f3n \"Permitir al usuario administrador su ordenador\" en System Preferences para un usuario, no mueve la cuenta de usuario desde los grupos appserveradm o appserverusr, lo cual todavia permite al usuario manejar aplicaciones WebObjects."}], "lastModified": "2017-07-20T01:33:04.257", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}