SpotlightIndex in Apple OS X prior to 10.10.2 does not properly perform deserialization during access to a permission cache, which allows local users to read search results associated with other users' protected files via a Spotlight query.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |