2011-11-15 18:00:00
mitre
PUBLISHED
The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of launchctl to trigger the launchd daemons execution of a script file, a related issue to CVE-2011-1516.