PT-2009-3529 · Apple · Macos X
Brian Mastenbrook
·
Publicado
2009-05-13
·
Atualizado
2017-08-17
·
CVE-2009-0943
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Mac OS X versions 10.4.11 through 10.5.6
Description
The issue allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files, due to the Help Viewer not verifying that HTML pathnames are located in a registered help book.
Recommendations
For Mac OS X versions 10.4.11 through 10.5.6, update to version 10.5.7 or later to resolve the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Macos X