Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.02463
Percentile: 0.84585

CVSS Scoring

Affected Products

• cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*

← Back to Home