The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, does not set the expected file ownerships during an "Apply to enclosed items" action, which allows local users to bypass intended access restrictions via normal filesystem operations.

在Apple Mac OS X 10.5.8和10.6之前的10.6.4版本中，Finder在“应用于封闭件”操作期间不设置预期的文件权限，这使本地用户能够通过正常文件系统操作绕过预期访问限制。

NVD 暂无评分

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）