HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow malicious users to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.3 |
||
apple mac os x 10.3.1 |
||
apple mac os x server 10.3 |
||
apple mac os x server 10.3.1 |
||
apple mac os x 10.3.2 |
||
apple mac os x 10.3.3 |
||
apple mac os x server 10.3.2 |
||
apple mac os x server 10.3.3 |