CVE-2009-1235

CVE-2009-1235 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.

Learn more about our User Device Pen Test.