21 lines
1.2 KiB
Text
Executable file
21 lines
1.2 KiB
Text
Executable file
source: http://www.securityfocus.com/bid/26510/info
|
|
|
|
Apple Mac OS X is prone to a vulnerability that can allow arbitrary code to run. This issue affects the Mail application when handling email attachments.
|
|
|
|
Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. This will compromise the application and possibly the underlying operating system.
|
|
|
|
This issue affects Mac OS X 10.5.
|
|
|
|
NOTE: This vulnerability may be related to CVE-2007-0395 documented in BID 16907 (Apple Mac OS X Security Update 2006-001 Multiple Vulnerabilities). Although the issues seem similar in nature, this may not be the very same underlying vulnerability. We will update this BID as more information emerges.
|
|
|
|
UPDATE (November 21, 2007): Reports indicate that this issue occurs because of an error in the application's quarantine feature. We have not confirmed this information.
|
|
|
|
UPDATE (December 17, 2007): This vulnerability stems from an unspecified implementation issue in the Launch Services application.
|
|
http://www.securityfocus.com/bid/16907
|
|
|
|
/bin/ls -al
|
|
echo
|
|
echo
|
|
echo "heise Security: You are vulnerable."
|
|
echo
|
|
echo
|