Information disclosure vulnerability in Apple OS X via an iBooks file containing an XML external entity declarationID: oval:org.secpod.oval:def:32314 | Date: (C)2015-12-30 (M)2022-01-13 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an iBooks file containing an XML external entity declaration. Successful exploitation could allow remote attackers to read arbitrary files.
Platform: |
Apple Mac OS X 10.11 |
Apple Mac OS X Server 10.11 |