5 matches found
CVE-2019-13013
CVE-2019-13013 affects Little Snitch versions 4.3.0 to 4.3.2. The vulnerability lies in the privileged helper tool, which exposes an XPC interface accessible to any process and allows directory listings and copying files as root, enabling local privilege escalation. The available connected docume...
CVE-2019-13014
CVE-2019-13014 affects Little Snitch. The vulnerability arises from a privileged helper where the operating system may have retained a copy that is not removed or updated during upgrade to 4.4.0, leaving systems potentially exposed after upgrading. The issue is resolved in version 4.4.1 by removi...
CVE-2020-13095
Little Snitch
CVE-2017-2675
Little Snitch 3.0–3.7.3 contains a local privilege escalation in the installer related to writing the configuration file at.obdev.littlesnitchd.plist to /Library/LaunchDaemons. The CVSSv3 context indicates LOCAL attack with HIGH impact to confidentiality, integrity, and availability, and LOW priv...
CVE-2016-8661
Little Snitch (Objective Development) 3.0–3.6.1 contains a local buffer overflow in kernel API parameter handling for OSMalloc and copyin, enabling local escalation of privileges to ring0. Affected component is the kernel interaction layer; impact is privilege escalation and potential full OS com...