CVE-2011-0190

Apple Mac OS X <10.6.7 - Info Disclosure

Title source: llm
STIX 2.1

Description

Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4581
Patch, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

Scores

EPSS 0.0128
EPSS Percentile 66.7%

Details

CWE
CWE-20
Status published
Products (15)
apple/installer
apple/mac_os_x 10.6.0
apple/mac_os_x 10.6.1
apple/mac_os_x 10.6.2
apple/mac_os_x 10.6.3
apple/mac_os_x 10.6.4
apple/mac_os_x 10.6.5
apple/mac_os_x 10.6.6
apple/mac_os_x_server 10.6.0
apple/mac_os_x_server 10.6.1
... and 5 more
Published Mar 23, 2011
Tracked Since Feb 18, 2026