NuytsTech Security

CVE-2007-5854

by ·

Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, which allows attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via a crafted HTML file.

Date published : 2007-12-19

http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html

http://www.securityfocus.com/bid/26910

Tags: