Vulnerability Description
Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Macos | 9 |
References
- http://marc.info/?l=bugtraq&m=94096348604173&w=2
- http://www.securityfocus.com/bid/745ExploitVendor Advisory
- http://marc.info/?l=bugtraq&m=94096348604173&w=2
- http://www.securityfocus.com/bid/745ExploitVendor Advisory
FAQ
What is CVE-1999-1076?
CVE-1999-1076 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an appli...
How severe is CVE-1999-1076?
CVE-1999-1076 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1076?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Macos.