Description
Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or networked home directories are enabled, does not properly restrict what is written to the system log for network logins, which allows local users to obtain sensitive information by reading the log.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53445
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5501
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027024
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53457
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5281
Vendor Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Scores
EPSS
0.0033
EPSS Percentile
25.5%
Details
CWE
CWE-200
Status
published
Products (1)
apple/mac_os_x
10.7.3
Published
May 11, 2012
Tracked Since
Feb 18, 2026