CVE-2008-0060 (Mac OS X, Mac OS X Server) [Sitemap] - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

PDA

View Full Version : CVE-2008-0060 (Mac OS X, Mac OS X Server)

Heap

19-03-08, 20:28

Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0060)