CVE-2007-0729
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.
Date published : 2007-04-24
http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html