CVE-2015-3673 in Apple Mac OS Xinfo

Summary

Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/07/2015

Disclosure

07/02/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
76187	Apple Mac OS X Directory Utility access control	264	High	Official fix	CVE-2015-3673

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!