Back to search
CVE-2007-6165
Published: Nov 29, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2007-4238
vdb-entry
x_refsource_VUPEN
TA07-352A
third-party-advisory
x_refsource_CERT
VU#433819
third-party-advisory
x_refsource_CERT-VN
28136
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3958
vdb-entry
x_refsource_VUPEN
1019106
vdb-entry
x_refsource_SECTRACK
APPLE-SA-2007-12-17
vendor-advisory
x_refsource_APPLE
http://docs.info.apple.com/article.html?artnum=307179
x_refsource_CONFIRM
27785
third-party-advisory
x_refsource_SECUNIA
http://www.heise-security.co.uk/news/99257
x_refsource_MISC
26510
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now