- Description
- Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate attackers to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard.
- Source
- product-security@apple.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 6.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:C/A:N
- nvd@nist.gov
- CWE-264
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2082D62-3821-4DBA-8690-67489F44C38D"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F0DB1BC-DC16-423E-B0C7-8E9C996A50B5"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E59315BA-B9F1-46A5-86E7-8BE2ED97BA4F"
}
],
"operator": "OR"
}
]
}
]