5 matches found
CVE-2015-3760
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/dyldprinttofileroot.rb 2019-03-13 07:34:18+00:00| exploited| https://t.me/informationsecuritychannel/25462 2025-02-06 03:13:42+00:00|...
CVE-2015-3760
dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors...
Immunity Canvas: OSX_DYLD_PRINT_TO_FILE
Name| osxdyldprinttofile ---|--- CVE| CVE-2015-3760 Exploit Pack| CANVAS Description| OS X DYLDPRINTTOFILE local privilege escalation Notes| Repeatability: Multiple Times Notes: Tested on: - 10.10.3 VENDOR: Apple CVE Url: https://vulners.com/cve/CVE-2015-3760 CVE Name: CVE-2015-3760...
CVE-2015-3760
CVE-2015-3760 describes a local privilege escalation in Apple macOS/OS X: the dynamic linker (dyld) in OS X up to 10.10.4 fails to properly validate environment pathnames, allowing a local user to gain privileges via unspecified vectors. The description in the provided documents does not specify ...
Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation
In Apple OS X 10.10.4 and prior, the DYLDPRINTTOFILE environment variable is used for redirecting logging data to a file instead of stderr. Due to a design error, this feature can be abused by a local attacker to write arbitrary files as root via restricted, SUID-root binaries. This module requir...