Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpc_dictionary_get_value API return values during handling of a (1) match_mmap_archives, (2) delete_mmap_archives, (3) write_mmap_archive, or (4) read_mmap_archive command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Mac OS X CoreSymbolication 代码执行漏洞
Vulnerability Description
Apple Mac OS X是美国苹果(Apple)公司为Mac计算机所开发的一套专用操作系统。 Apple Mac OS X 10.10.2之前版本的CoreSymbolication中的coresymbolicationd存在安全漏洞,该漏洞源于程序没有验证XPC消息中的数据类型。攻击者可借助特制的应用程序利用该漏洞以系统权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A