CVE-2006-0848

The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*

Information

Published : 2006-02-22 15:02

Updated : 2017-07-19 18:30


NVD link : CVE-2006-0848

Mitre link : CVE-2006-0848


JSON object : View

CWE
CWE-16

Configuration

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x
  • mac_os_x_server