Code Signing Validation Bypass Vulnerability in Apple OS X

Code Signing Validation Bypass Vulnerability in Apple OS X

CVE-2015-1146 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:N

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145.

Learn more about our User Device Pen Test.