PT-2008-2633 · Apple · Automator+3

Brian Mastenbrook

Published

2008-06-02

Updated

2017-08-08

CVE-2008-1032

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Mac OS X versions prior to 10.5.3

Description The issue allows user-assisted remote attackers to execute arbitrary code via specific content types for downloadable objects. This can occur through various applications, including Automator, Help, Safari, or Terminal, when a downloadable object does not trigger a warning message in the Download Validation feature in Mac OS X 10.4 or the Quarantine feature in Mac OS X 10.5.

Recommendations For Mac OS X versions prior to 10.5.3, update to version 10.5.3 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2008-1032

Affected Products

Automator

Macos X

Safari

Terminal

PT-2008-2633 · Apple · Automator+3

CVE-2008-1032

Related Identifiers

Affected Products

References · 9