CFNetwork in Apple OS X up to and including 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate malicious users to bypass intended access restrictions by leveraging an unattended workstation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.8.5 |
||
apple mac os x 10.8.3 |
||
apple mac os x 10.8.2 |
||
apple mac os x 10.8.1 |
||
apple mac os x 10.8.0 |
||
apple mac os x |
||
apple mac os x 10.8.4 |