Local User Application Exit Vulnerability in Apple Mac HIToolBox
CVE-2004-1085

Currently unrated

Key Information:

Vendor: Apple
Status: Quicktime Streaming Server; Darwin Streaming Server
Vendor: CVE Published:; 2 December 2004

What is CVE-2004-1085?

The Human Interface Toolbox (HIToolBox) for Apple Mac OS X 10.3.6 is susceptible to a vulnerability that permits local users to terminate applications using the force-quit keystroke combination, even while operating in kiosk mode. This flaw poses a risk to systems that rely on kiosk configurations, potentially allowing unauthorized disruptions of applications aimed at providing locked-down user experiences.

References

http://www.securityfocus.com/bid/11802

vdb-entryx_refsource_BID

http://secunia.com/advisories/13362/

third-party-advisoryx_refsource_SECUNIA

http://lists.apple.com/archives/security-announce/2004/De...

vendor-advisoryx_refsource_APPLE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 2, 2004
Vulnerability Reserved
Nov 30, 2004