CVE-2014-4446

Publication date

2014-10-18 01:00:00

Family

apple

State

PUBLISHED

Description

Mail Service in Apple OS X Server before 4.0 does not enforce SACL changes until after a service restart, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a change made by an administrator.