CVE-2012-0652

Apple Mac OS X 10.7.3 - Info Disclosure

Title source: llm
STIX 2.1

Description

Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or networked home directories are enabled, does not properly restrict what is written to the system log for network logins, which allows local users to obtain sensitive information by reading the log.

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53445
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5501
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027024
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53457
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5281
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Scores

EPSS 0.0033
EPSS Percentile 25.5%

Details

CWE
CWE-200
Status published
Products (1)
apple/mac_os_x 10.7.3
Published May 11, 2012
Tracked Since Feb 18, 2026