Back to search
CVE-2004-0486
Published: May 28, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#578798
third-party-advisory
x_refsource_CERT-VN
11622
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2004-05-21
vendor-advisory
x_refsource_APPLE
10356
vdb-entry
x_refsource_BID
6184
vdb-entry
x_refsource_OSVDB
20040516 Vuln. MacOSX/Safari: Remote help-call, execute scripts
mailing-list
x_refsource_FULLDISC
http://www.fundisom.com/owned/warning
x_refsource_MISC
macos-runscript-code-execution(16166)
vdb-entry
x_refsource_XF
1010167
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now