漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function without the kSecCSCheckAllArchitectures flag and therefore do not validate all architectures stored in a fat binary. An attacker can maliciously craft a fat binary containing multiple architectures that may cause a situation where Little Snitch treats the running process as having no code signature at all while erroneously indicating that the binary on disk does have a valid code signature. This could lead to users being confused about whether or not the code signature is valid.
CVSS Information
N/A
Vulnerability Type
密码学签名的验证不恰当
Vulnerability Title
Objective Development Little Snitch 安全漏洞
Vulnerability Description
Objective Development Little Snitch是奥地利Objective Development公司的一套专用于Mac的个人安全软件。 Objective Development Little Snitch 4.0版本至4.0.6版本中存在安全漏洞,该漏洞源于程序没有将kSecCSCheckAllArchitectures旗标发送到‘SecStaticCodeCheckValidityWithErrors()’函数并且程序没有验证fat binary中的所有框架。攻击者可借助恶意制
CVSS Information
N/A
Vulnerability Type
N/A