PT-2008-3802 · Apple · Macos X

Published

2008-07-01

Updated

2017-08-08

CVE-2008-2311

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Apple Mac OS X versions prior to 10.5

Description: The issue allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file when Open Safe Files is enabled.

Recommendations: For versions prior to 10.5, update to version 10.5 or later to resolve the issue. As a temporary workaround, consider disabling the Open Safe Files feature to minimize the risk of exploitation.

Fix

Race Condition

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-59

Related Identifiers

CVE-2008-2311

Affected Products

Macos X

PT-2008-3802 · Apple · Macos X

CVE-2008-2311

Weakness Enumeration

Related Identifiers

Affected Products

References · 8