PT-2006-2454 · Apple · Macos X

Tobias Hahn

Published

2006-05-12

Updated

2017-07-20

CVE-2006-1446

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.3.9 through 10.4.6

Description The issue allows an application to bypass a locked Keychain by obtaining a reference to the Keychain when it is unlocked and then reusing that reference after the Keychain has been locked.

Recommendations For Apple Mac OS X versions 10.3.9 through 10.4.6, consider implementing additional access controls to the Keychain to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1446

Affected Products

Macos X

PT-2006-2454 · Apple · Macos X

CVE-2006-1446

Related Identifiers

Affected Products

References · 9