Описание
The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user.
Ссылки
- ExploitVendor Advisory
- US Government Resource
- US Government Resource
- ExploitVendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00232
Низкий
6.9 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user.
EPSS
Процентиль: 46%
0.00232
Низкий
6.9 Medium
CVSS2
Дефекты
NVD-CWE-Other