Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html | Vendor Advisory |
http://osvdb.org/85647 | |
http://support.apple.com/kb/HT5501 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
No history.
Information
Published : 2012-09-20 21:55
Updated : 2024-02-28 12:00
NVD link : CVE-2012-3718
Mitre link : CVE-2012-3718
CVE.ORG link : CVE-2012-3718
JSON object : View
Products Affected
apple
- mac_os_x
- mac_os_x_server
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor