Back to search
CVE-2006-3504
Published: Aug 3, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
APPLE-SA-2006-08-01
vendor-advisory
x_refsource_APPLE
ADV-2006-3101
vdb-entry
x_refsource_VUPEN
21253
third-party-advisory
x_refsource_SECUNIA
macosx-launchservices-script-execution(28146)
vdb-entry
x_refsource_XF
19289
vdb-entry
x_refsource_BID
TA06-214A
third-party-advisory
x_refsource_CERT
27743
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now