The host is installed with Apple Mac OS X or Server 10.10.x before 10.10.2 and is prone to a directory spoofing vulnerability. A flaw is present in the application, which fails to validate crafted data. Successful exploitation allows attackers to spoof directory service responses to the kernel, elevate privileges, or gain kernel execution.