runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X prior to 10.10.4 does not properly drop privileges, which allows malicious users to execute arbitrary code in a privileged context via a crafted app.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |