CVE Vulnerabilities

CVE-2008-4234

Published: Dec 17, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a potentially unsafe warning message.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple 10.5 10.5
Mac_os_x Apple 10.5.1 10.5.1
Mac_os_x Apple 10.5.2 10.5.2
Mac_os_x Apple 10.5.3 10.5.3
Mac_os_x Apple 10.5.4 10.5.4
Mac_os_x Apple * 10.5.5
Mac_os_x_server Apple 10.5 10.5
Mac_os_x_server Apple 10.5.1 10.5.1
Mac_os_x_server Apple 10.5.2 10.5.2
Mac_os_x_server Apple 10.5.3 10.5.3
Mac_os_x_server Apple 10.5.4 10.5.4
Mac_os_x_server Apple * 10.5.5

References