| ID |
CVE-2006-1444
|
| Summary |
CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services. Successful exploitation requires that "Enable access for assistive devices" is on.
This vulnerability is addressed in the following product release:
Apple, Mac OS X, 10.4.6 (2006-003) |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 2.1 (as of 20-07-2017 - 01:30) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
NONE |
NONE |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
| refmap
via4
|
| apple | APPLE-SA-2006-05-11 | | bid | 17951 | | cert | TA06-132A | | osvdb | 25588 | | sectrack | 1016079 | | secunia | 20077 | | vupen | ADV-2006-1779 | | xf | macos-coregraphics-quartz-security-bypass(26409) |
|
| Last major update |
20-07-2017 - 01:30 |
| Published |
12-05-2006 - 21:02 |
| Last modified |
20-07-2017 - 01:30 |
