CVE-2008-2309

Name of the Vulnerable Software and Affected Versions: Mac OS X versions prior to 10.5.4

Description: The issue allows user-assisted remote attackers to execute arbitrary code via certain file types, including .xht or .xhtm files, which do not trigger a warning message in the Download Validation feature in Mac OS X 10.4 or the Quarantine feature in Mac OS X 10.5.

Recommendations: For Mac OS X versions prior to 10.5.4, update to version 10.5.4 or later to resolve the issue.