The FSFindFolder API in CarbonCore in Apple Mac OS X prior to 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.6.4 |
||
apple mac os x 10.6.0 |
||
apple mac os x 10.6.1 |
||
apple mac os x 10.6.2 |
||
apple mac os x 10.6.3 |
||
apple mac os x 10.6.5 |
||
apple mac os x |
||
apple mac os x server 10.6.4 |
||
apple carboncore |
||
apple mac os x server |
||
apple mac os x server 10.6.0 |
||
apple mac os x server 10.6.1 |
||
apple mac os x server 10.6.2 |
||
apple mac os x server 10.6.3 |
||
apple mac os x server 10.6.5 |