CVE Vulnerabilities

CVE-2015-5784

Published: Aug 17, 2015 | Modified: Sep 21, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple * 10.10.4 (including)

References