Published: 07/07/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow malicious users to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.3
apple mac os x 10.3.1
apple mac os x server 10.3
apple mac os x server 10.3.1
apple mac os x 10.3.2
apple mac os x 10.3.3
apple mac os x server 10.3.2
apple mac os x server 10.3.3

source: wwwsecurityfocuscom/bid/10356/info It has been reported that Mac OS X may be prone to a vulnerability that could allow a remote attacker to execute arbitrary script code on a vulnerable system The issue presents itself due to the 'help:' protocol implemented by the Mac OS X help application It has been reported that the 'help: ...

NVD-CWE-Other http://www.fundisom.com/owned/warning http://secunia.com/advisories/11622/http://www.kb.cert.org/vuls/id/578798 http://www.securityfocus.com/bid/10356 http://lists.apple.com/mhonarc/security-announce/msg00053.html http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0837.html http://www.osvdb.org/6184 http://securitytracker.com/id?1010167 https://exchange.xforce.ibmcloud.com/vulnerabilities/16166 https://nvd.nist.gov https://www.exploit-db.com/exploits/24121/https://www.kb.cert.org/vuls/id/578798

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0486

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect