exploitDog

CVE-2010-0523

Опубликовано: 30 мар. 2010

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types of uploaded files, which allows remote attackers to obtain sensitive information or possibly have unspecified other impact via a crafted file, as demonstrated by a Java applet.

Комментарий

Per: http://support.apple.com/kb/HT4077

'This issue only affects Mac OS X Server systems, and does not affect versions 10.6 or later.'

Ссылки

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Vendor Advisory
http://support.apple.com/kb/HT4077
Vendor Advisory
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Vendor Advisory
http://support.apple.com/kb/HT4077
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00209

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-m2j7-ph2m-w822

github

почти 4 года назад

Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types of uploaded files, which allows remote attackers to obtain sensitive information or possibly have unspecified other impact via a crafted file, as demonstrated by a Java applet.

EPSS

Процентиль: 43%

0.00209

Низкий

5 Medium

CVSS2

Дефекты

CWE-200