CVE-2011-3436 in Mac OS Xinfo

Summary

Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

09/13/2011

Disclosure

10/14/2011

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
59078	Apple Mac OS X access control	264	Not defined	Official fix	CVE-2011-3436

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!