Launch Services in Apple Mac OS X 10.6.x prior to 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote malicious users to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.6.1 |
||
apple mac os x 10.6 |
||
apple mac os x server 10.6 |
||
apple mac os x server 10.6.1 |