exploitDog

CVE-2014-1380

Опубликовано: 01 июл. 2014

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.9.3:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00067

Низкий

2.6 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-hgv2-76q7-7cv5

github

больше 3 лет назад

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.

EPSS

Процентиль: 21%

0.00067

Низкий

2.6 Low

CVSS2

Дефекты

CWE-264