Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html | Vendor Advisory |
http://support.apple.com/kb/HT5501 | Vendor Advisory |
http://osvdb.org/85647 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2012-09-20 14:55
Updated : 2013-06-05 21:00
NVD link : CVE-2012-3718
Mitre link : CVE-2012-3718
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
apple
- mac_os_x
- mac_os_x_server