2 matches found
CVE-2011-0190
CVE-2011-0190 affects Mac OS X installations prior to 10.6.7, where Install Helper in Installer mishandles an unspecified URL. This may enable a remote attacker to track user logins by logging network traffic from an agent intended to contact an Apple server. Remediation is provided by Apple’s Se...
CVE-2007-0465
CVE-2007-0465 describes a format-string vulnerability in Apple’s Installer (Mac OS X 10.4.8, Apple Installer 2.1.5). The flaw arises during parsing of package filenames that can contain format specifiers in (PKG, DISTZ, MPKG) files, enabling a user-assisted remote attacker to execute arbitrary co...