exploitDog

CVE-2005-1723

Опубликовано: 08 июн. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions.

Ссылки

http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html
Patch
Vendor Advisory
http://securitytracker.com/id?1014141
http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html
Patch
Vendor Advisory
http://securitytracker.com/id?1014141

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00467

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-grxm-gmp3-rj8r

github

почти 4 года назад

LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions.

EPSS

Процентиль: 64%

0.00467

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other