5 matches found
Google Santa and molcodesignchecker Code Signing Vulnerabilities
Google Santa is a binary black/white listing system for macOS. molcodesignchecker is a program that performs code signature verification in Objective-C. A security vulnerability exists in Google Santa and molcodesignchecker. The vulnerability can be exploited by an attacker with a maliciously...
Code injection
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but...
CVE-2018-10405
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but...
CVE-2018-10405
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but...
CVE-2018-10405
CVE-2018-10405 concerns Google Santa and molcodesignchecker, where a maliciously crafted Universal/Fat binary can bypass third‑party code signing checks. The vulnerability arises from incomplete inspection of Fat binaries, allowing an unsigned malicious payload to be executed while a legitimate A...