The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection.
The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection.