CVE-2005-1331

Sažetak

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.

Reference

http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
http://remahl.se/david/vuln/010/
http://secunia.com/advisories/15227
http://www.securityfocus.com/bid/13480
http://www.vupen.com/english/advisories/2005/0455

CVSS

Base:	5.1
Impact:	6.4
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-03-2011 - 02:21

Objavljeno

04-05-2005 - 04:00