PT-2008-5509 · Apple · Macos X

Published

2008-10-10

Updated

2017-08-08

CVE-2008-4214

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Mac OS X versions 10.4.11 and 10.5.5

Description: The issue is related to an insecure file operation on temporary files in the Script Editor, allowing local users to cause the scripting dictionary to be written to arbitrary locations.

Recommendations: For Mac OS X version 10.4.11, update to a version that fixes the insecure file operation issue. For Mac OS X version 10.5.5, update to a version that fixes the insecure file operation issue. As a temporary workaround, consider restricting access to temporary files used by the Script Editor to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2008-4214

Affected Products

Macos X

PT-2008-5509 · Apple · Macos X

CVE-2008-4214

Weakness Enumeration

Related Identifiers

Affected Products

References · 9