{"api_version":"1","generated_at":"2026-04-25T06:28:08+00:00","cve":"CVE-2006-1444","urls":{"html":"https://cve.report/CVE-2006-1444","api":"https://cve.report/api/cve/CVE-2006-1444.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-1444","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-1444"},"summary":{"title":"CVE-2006-1444","description":"CoreGraphics in Apple Mac OS X 10.4.6, when \"Enable access for assistive devices\" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-05-12 21:02:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"2.1","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.osvdb.org/25588","name":"http://www.osvdb.org/25588","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html","name":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"],"title":"US-CERT Technical Cyber Security Alert TA06-132A -- Apple Mac Products Affected by Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1016079","name":"http://securitytracker.com/id?1016079","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Apple Mac OS X CoreGraphics May Let Local Users Obtain Secure Text Field Inputs - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26409","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26409","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/1779","name":"http://www.vupen.com/english/advisories/2006/1779","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/20077","name":"http://secunia.com/advisories/20077","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Mac OS X Security Update Fixes Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/17951","name":"http://www.securityfocus.com/bid/17951","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Apple Mac OS X Security Update 2006-003 Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html","name":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"APPLE-SA-2006-05-11 Security Update 2006-003","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-1444","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-1444","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"1444","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"10.4.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2006","cve_id":"1444","cve":"CVE-2006-1444","epss":"0.000970000","percentile":"0.266530000","score_date":"2026-04-20","updated_at":"2026-04-21 00:07:48"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T17:12:21.315Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"17951","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/17951"},{"name":"ADV-2006-1779","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/1779"},{"name":"TA06-132A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html"},{"name":"1016079","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1016079"},{"name":"25588","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/25588"},{"name":"macos-coregraphics-quartz-security-bypass(26409)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26409"},{"name":"APPLE-SA-2006-05-11","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"},{"name":"20077","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20077"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-05-11T00:00:00.000Z","descriptions":[{"lang":"en","value":"CoreGraphics in Apple Mac OS X 10.4.6, when \"Enable access for assistive devices\" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-19T15:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"17951","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/17951"},{"name":"ADV-2006-1779","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/1779"},{"name":"TA06-132A","tags":["third-party-advisory","x_refsource_CERT"],"url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html"},{"name":"1016079","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1016079"},{"name":"25588","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/25588"},{"name":"macos-coregraphics-quartz-security-bypass(26409)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26409"},{"name":"APPLE-SA-2006-05-11","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"},{"name":"20077","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20077"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-1444","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"CoreGraphics in Apple Mac OS X 10.4.6, when \"Enable access for assistive devices\" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"17951","refsource":"BID","url":"http://www.securityfocus.com/bid/17951"},{"name":"ADV-2006-1779","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/1779"},{"name":"TA06-132A","refsource":"CERT","url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html"},{"name":"1016079","refsource":"SECTRACK","url":"http://securitytracker.com/id?1016079"},{"name":"25588","refsource":"OSVDB","url":"http://www.osvdb.org/25588"},{"name":"macos-coregraphics-quartz-security-bypass(26409)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26409"},{"name":"APPLE-SA-2006-05-11","refsource":"APPLE","url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"},{"name":"20077","refsource":"SECUNIA","url":"http://secunia.com/advisories/20077"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-1444","datePublished":"2006-05-12T21:00:00.000Z","dateReserved":"2006-03-28T00:00:00.000Z","dateUpdated":"2024-08-07T17:12:21.315Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-05-12 21:02:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*","matchCriteriaId":"BB0F2132-8431-4CEF-9A3D-A69425E3834E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"1444","Ordinal":"1","Title":"CVE-2006-1444","CVE":"CVE-2006-1444","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"1444","Ordinal":"1","NoteData":"CoreGraphics in Apple Mac OS X 10.4.6, when \"Enable access for assistive devices\" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services.","Type":"Description","Title":"CVE-2006-1444"},{"CveYear":"2006","CveId":"1444","Ordinal":"2","NoteData":"2006-05-12","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"1444","Ordinal":"3","NoteData":"2017-07-19","Type":"Other","Title":"Modified"}]}}}