Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html | Patch Vendor Advisory |
http://www.kb.cert.org/vuls/id/464662 | Patch Third Party Advisory US Government Resource |
http://secunia.com/advisories/14005 | Patch Vendor Advisory |
http://securitytracker.com/id?1013001 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/19085 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2005-05-01 21:00
Updated : 2017-07-10 18:32
NVD link : CVE-2005-0127
Mitre link : CVE-2005-0127
JSON object : View
CWE
Products Affected
apple
- mac_os_x
- mac_os_x_server