CVE-2011-3215
2.1
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD
Description
The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.
Affected (136)
Products: Apple: Mac Os X, Mac Os X Server
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 10.7.1 | |
| Up to 10.7.1 |
Related CWEs
References (6)
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.