2 matches found
CVE-2006-1471
Format string vulnerability in the CFsyslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file...
CVE-2006-1471
CVE-2006-1471 : In Apple Mac OS X, up to 10.4.6, the CF_syslog function in launchd is vulnerable to a format-string vulnerability in syslog calls, allowing local users to execute arbitrary code via crafted plist files. Affected: Mac OS X 10.4.x before 10.4.7 follows the vulnerability. Mitigation:...