CVE-2015-5754

Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.10.5

Description The issue is caused by a race condition in the Install Framework Legacy component, specifically in the runner in Install.framework. This condition can be exploited by a remote attacker using a specially crafted application that leverages incorrect privilege dropping associated with a locking error, allowing the execution of arbitrary code in a privileged context.

Recommendations For Apple OS X versions prior to 10.10.5, update to version 10.10.5 or later to resolve the issue.