CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-0656

Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.0%

CVSS Severity

CVSS v2 Score 6.9

References

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://support.apple.com/kb/HT5281
http://www.securityfocus.com/bid/53445
http://www.securityfocus.com/bid/53459
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://support.apple.com/kb/HT5281
http://www.securityfocus.com/bid/53445
http://www.securityfocus.com/bid/53459

Products affected by CVE-2012-0656

Apple » Mac Os X » Version: 10.7.0

cpe:2.3:o:apple:mac_os_x:10.7.0
Apple » Mac Os X » Version: 10.7.1

cpe:2.3:o:apple:mac_os_x:10.7.1
Apple » Mac Os X » Version: 10.7.2

cpe:2.3:o:apple:mac_os_x:10.7.2
Apple » Mac Os X » Version: 10.7.3

cpe:2.3:o:apple:mac_os_x:10.7.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0656

Products

Pricing

Contact Us