Info

Disclosure

Jun 07, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the "Show in Finder" option is selected in Safari, which may allow specific files which have been downloaded to execute. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Other
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.

Products

Apple Computer, Inc.

Mac OS X

10.3.4

References

Security Tracker: 1010413
Bugtraq ID: 10486
Secunia Advisory ID: 11689
ISS X-Force ID: 16351
CVE ID: 2004-0539 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-06/0094.html
Vendor Specific Advisory URL: http://docs.info.apple.com/article.html?artnum=61798

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/8432