CVE-2012-3718

LOW

Description

Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.

References

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

http://osvdb.org/85647

http://support.apple.com/kb/HT5501

Details

Source: MITRE

Published: 2012-09-20

Updated: 2013-06-06

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW