Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X prior to 10.5.3 allows user-assisted remote malicious users to execute arbitrary code via an (1) Automator, (2) Help, (3) Safari, or (4) Terminal content type for a downloadable object, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x server 10.5.1 |
||
apple mac os x server 10.5.2 |
||
apple mac os x server 10.4.11 |
||
apple mac os x server 10.5 |
||
apple mac os x 10.4.11 |
||
apple mac os x 10.5 |
||
apple mac os x 10.5.1 |
||
apple mac os x 10.5.2 |