App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions.
2011-06-24T20:55:02.030
2025-04-11T00:51:21.963
Deferred
CVSSv2: 2.1 (LOW)
AV:L/AC:L/Au:N/C:P/I:N/A:N
3.9
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | apple | mac_os_x | 10.5.8 | Yes |
| Operating System | apple | mac_os_x | 10.6.0 | Yes |
| Operating System | apple | mac_os_x | 10.6.1 | Yes |
| Operating System | apple | mac_os_x | 10.6.2 | Yes |
| Operating System | apple | mac_os_x | 10.6.3 | Yes |
| Operating System | apple | mac_os_x | 10.6.4 | Yes |
| Operating System | apple | mac_os_x | 10.6.5 | Yes |
| Operating System | apple | mac_os_x | 10.6.6 | Yes |
| Operating System | apple | mac_os_x | 10.6.7 | Yes |
| Operating System | apple | mac_os_x_server | 10.5.8 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.0 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.1 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.2 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.3 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.4 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.5 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.6 | Yes |
| Operating System | apple | mac_os_x_server | 10.6.7 | Yes |