Lucene search
Samuel Gross (saelo)ZDI-18-1338HistoryNov 05, 2018 - 12:00 a.m.
(Pwn2Own) Apple macOS launchd Improper Access Check Privilege Escalation Vulnerability
2018-11-0500:00:00
Samuel Gross (saelo)
www.zerodayinitiative.com
12
0.001 Low
EPSS
Percentile
47.0%
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach messages to the Dock. The issue results from the lack of proper validation of the client prior to spawning a process. An attacker can leverage this vulnerability to execute code within the context of the current user.
References
Related
nvd
nvd
CVE-2018-4404
2019-01-11 18:29:03
vulnrichment
vulnrichment
CVE-2018-4404
2019-01-11 18:00:00
cvelist
cvelist
CVE-2018-4404
2019-01-11 18:00:00
cve
cve
CVE-2018-4404
2019-01-11 18:29:03
prion
prion
Memory corruption
2019-01-11 18:29:00
thn
thn
zdt
zdt
Safari - Proxy Object Type Confusion Exploit
2018-12-14 00:00:00
metasploit
metasploit
Safari Proxy Object Type Confusion
2018-11-15 00:44:18
packetstorm
packetstorm
Safari Proxy Object Type Confusion
2018-12-13 00:00:00
exploitdb
exploitdb
Safari - Proxy Object Type Confusion (Metasploit)
2018-12-14 00:00:00
apple
apple
About the security content of watchOS 4.3.1 - Apple Support
2019-10-08 03:38:09
About the security content of watchOS 4.3.1
2018-05-29 00:00:00
About the security content of tvOS 11.4
2018-05-29 00:00:00
nessus
nessus
macOS 10.13.x < 10.13.5 Multiple Vulnerabilities
2018-06-05 00:00:00