CVE-2012-0652 Information

Description

Login Window in Apple Mac OS X 10.7.3 when Legacy File Vault or networked home directories are enabled does not properly restrict what is written to the system log for network logins which allows local users to obtain sensitive information by reading the log.

Reference

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://support.apple.com/kb/HT5281 http://support.apple.com/kb/HT5501 http://www.securityfocus.com/bid/53445 http://www.securityfocus.com/bid/53457 http://www.securitytracker.com/id?1027024