Information disclosure vulnerability in Apple Mac OS X via a crafted callID: oval:org.secpod.oval:def:14276 | Date: (C)2013-07-09 (M)2022-10-10 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apple Mac OS X 10.8.x and is prone to information disclosure vulnerability. The flaw is mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel, which does not initialize a certain structure member. Successful exploitation allows local users to obtain sensitive information from kernel heap memory via a crafted call.
Platform: |
Apple Mac OS X 10.8 |
Apple Mac OS X Server 10.8 |