CVE-2009-2811

Name of the Vulnerable Software and Affected Versions Apple Mac OS X version 10.5.8

Description The issue is related to an incomplete blacklist vulnerability in Launch Services, allowing user-assisted remote attackers to execute arbitrary code via a .fileloc file. This file type does not trigger a "potentially unsafe" warning message in the Quarantine feature.

Recommendations For Apple Mac OS X version 10.5.8, consider restricting the handling of .fileloc files to minimize the risk of exploitation until a fix is available.