Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Mac OS X 安全漏洞
Vulnerability Description
Apple Mac OS X是美国苹果(Apple)公司的为Mac计算机所开发的一套专用操作系统。 Apple Mac OS X 10.10.2之前版本的libxpc中的‘xpc_data_get_bytes’函数存在安全漏洞,该漏洞源于程序没有验证目录属性键中已存在的xpc_data数据类型。攻击者可通过提供特制的目录利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A