CVE Vulnerabilities

CVE-2008-1032

Published: Jun 02, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via an (1) Automator, (2) Help, (3) Safari, or (4) Terminal content type for a downloadable object, which does not trigger a potentially unsafe warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple 10.4.11 10.4.11
Mac_os_x Apple 10.5 10.5
Mac_os_x Apple 10.5.1 10.5.1
Mac_os_x Apple 10.5.2 10.5.2
Mac_os_x_server Apple 10.4.11 10.4.11
Mac_os_x_server Apple 10.5 10.5
Mac_os_x_server Apple 10.5.1 10.5.1
Mac_os_x_server Apple 10.5.2 10.5.2

References