Arbitrary Code Execution Vulnerability in Apple Mac OS X User Documentation Component
CVE-2011-3224 · LOW Severity
AV:N/AC:H/AU:N/C:N/I:P/A:N
The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server.
Learn more about our Cis Benchmark Audit For Server Software.