5

CVE-2006-1447

LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS X Version10.4.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.07% 0.859
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
Patch
http://secunia.com/advisories/20077
http://www.securityfocus.com/bid/17951
http://www.us-cert.gov/cas/techalerts/TA06-132A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/1779
http://securitytracker.com/id?1016081
http://www.osvdb.org/25591
https://exchange.xforce.ibmcloud.com/vulnerabilities/26416