Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Santa和molcodesignchecker 安全漏洞
Vulnerability Description
Google Santa是一套适用于macOS平台的二进制文件黑/白名单系统。molcodesignchecker是一款能够在Objective-C中执行代码签名验证的程序。 Google Santa和molcodesignchecker中存在安全漏洞。攻击者可借助恶意制作的多架构程序(Universal/fat binary)利用该漏洞绕过第三方代码签名检测,执行未签名的恶意代码。
CVSS Information
N/A
Vulnerability Type
N/A