Arbitrary Command Execution via Crafted Photo File Name in Apple OS X Spotlight
CVE-2015-3716 · MEDIUM Severity
AV:L/AC:M/AU:N/C:P/I:P/A:P
Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.
Learn more about our Web Application Penetration Testing UK.