Computer Security
[EN] securityvulns.ru no-pyccku


Apple Mac Os X sandbox protection bypass
Published:16.11.2011
Source:
SecurityVulns ID:12038
Type:local
Threat Level:
3/10
Description:It's possible to bypass sandbox restriction by controlling different applications.
Affected:APPLE : MacOS X 10.5
 APPLE : MacOS X 10.6
 APPLE : MacOS X 10.7
CVE:CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through 10.7.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of osascript to send Apple events to the launchd daemon, a related issue to CVE-2008-7303.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2011-0919: Apple OS X Sandbox Predefined Profiles Bypass (16.11.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod