CVE-2012-3698 in Apple Xcode
Sumário (Inglês)
Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote attackers to read keychain entries via a crafted app, as demonstrated by the keychain entries of a (1) helper tool or (2) command-line tool.
Reservar
19/06/2012
Divulgação
26/07/2012
Inscrições
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidade | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 5873 | Apple Xcode Designated Requirement Elevação de Privilégios | 264 | Não definido | Correção oficial | CVE-2012-3698 |