2 matches found
CVE-2015-3715
The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library...
CVE-2015-3715
The CVE-2015-3715 entry describes a code-signing bypass in Apple OS X before 10.10.4, where libraries loaded outside an application bundle are not properly vetted, allowing bypass of launch restrictions. Affected product: macOS OS X prior to 10.10.4. Root cause: code-signing checks do not verify ...