PT-2008-3800 · Apple · Macos X

Published

2008-07-01

Updated

2017-08-08

CVE-2008-2309

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Mac OS X versions prior to 10.5.4

Description: The issue allows user-assisted remote attackers to execute arbitrary code via certain file types, including .xht or .xhtm files, which do not trigger a warning message in the Download Validation feature in Mac OS X 10.4 or the Quarantine feature in Mac OS X 10.5.

Recommendations: For Mac OS X versions prior to 10.5.4, update to version 10.5.4 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2008-2309

Affected Products

Macos X

PT-2008-3800 · Apple · Macos X

CVE-2008-2309

Weakness Enumeration

Related Identifiers

Affected Products

References · 8