[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Untrusted search path vulnerability in Apple OS X via a Trojan horse program - CVE-2015-7024

ID: oval:org.secpod.oval:def:34185Date: (C)2016-04-28   (M)2021-07-09
Class: VULNERABILITYFamily: macos




The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.1 and is prone to an untrusted search path vulnerability. A flaw is present in the application, which fails to properly handle a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature. Successful exploitation could allow local users to bypass intended Gatekeeper restrictions and gain privileges.

Platform:
Apple Mac OS X 10.11
Apple Mac OS X Server 10.11
Reference:
CVE-2015-7024
CVE    1
CVE-2015-7024
CPE    3
cpe:/o:apple:mac_os_x
cpe:/o:apple:mac_os_x_server
cpe:/o:apple:mac_os_x:10.11.0

© SecPod Technologies