Apple.Installer.Package.Filename.Format.String
Description
This indicates a possible exploit of a format-string vulnerability in Apple Installer on Mac OS X.
This vulnerability is caused by the application's failure to properly sanitize user input. Remote attackers may exploit this to execute arbitrary code by sending format string specifiers in the package file name.
Affected Products
Apple Installer 2.1.5
Impact
Privilege escalation.
Recommended Actions
Refer to the vendor's web site for the suggested workaround:
http://www.apple.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |