Apple.Installer.Package.Filename.Format.String

description-logoDescription

This indicates a possible exploit of a format-string vulnerability in Apple Installer on Mac OS X.
This vulnerability is caused by the application's failure to properly sanitize user input. Remote attackers may exploit this to execute arbitrary code by sending format string specifiers in the package file name.

affected-products-logoAffected Products

Apple Installer 2.1.5

Impact logoImpact

Privilege escalation.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.apple.com/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)