2 matches found
CVE-2016-4638
Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."...
CVE-2016-4638
CVE-2016-4638 corresponds to a local privilege-escalation in the OS X Login Window prior to OS X 10.11.6. Multiple connected sources attribute the flaw to a type-confusion in WindowServer/CoreGraphics handling of user-supplied data, enabling a crafted app to gain root-level/privilege access. Expl...