PT-2009-5171 · Apple · Macos X

Published

2009-11-10

Updated

2009-11-17

CVE-2009-2810

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Mac OS X versions 10.6.0 through 10.6.1

Description The issue allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message. This occurs because Launch Services in Mac OS X recursively clears quarantine information upon opening a quarantined folder.

Recommendations For Mac OS X versions 10.6.0 through 10.6.1, update to version 10.6.2 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-2810

Affected Products

Macos X

PT-2009-5171 · Apple · Macos X

CVE-2009-2810

Related Identifiers

Affected Products

References · 5