Vulnerability Details CVE-2012-0652
Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or networked home directories are enabled, does not properly restrict what is written to the system log for network logins, which allows local users to obtain sensitive information by reading the log.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.1%
CVSS Severity
CVSS v2 Score 4.9
References
- http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
- http://support.apple.com/kb/HT5281
- http://support.apple.com/kb/HT5501
- http://www.securityfocus.com/bid/53445
- http://www.securityfocus.com/bid/53457
- http://www.securitytracker.com/id?1027024
- http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
- http://support.apple.com/kb/HT5281
- http://support.apple.com/kb/HT5501
- http://www.securityfocus.com/bid/53445
- http://www.securityfocus.com/bid/53457
- http://www.securitytracker.com/id?1027024