Vulnerabilities

CVE-2008-2309

by Fred · 01/07/2008

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.

Date published : 2008-07-01

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

http://www.securityfocus.com/bid/30018

Similar

Tags: Cybersecurity Alert