Spotlight in Apple OS X prior to 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote malicious users to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |