CVE-2006-1471

CVE-2006-1471 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file.

Learn more about our User Device Pen Test.