CVE-2006-0388 — Code Injection in Apple MAC OS X

CWE-94 — Code Injection2 documents2 sources

Severity

2.6LOWNVD

EPSS

0.4%

top 38.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedMar 3

Latest updateMay 1

Description

Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.

CVSS vector

AV:L/AC:H/C:N/I:P/A:PExploitability: 1.9 | Impact: 4.9

Affected Packages2 packages

▶NVDapple/mac_os_x16 versions+15

▶NVDapple/mac_os_x_server16 versions+15

Patches

Patch: lists.apple.com ↗Patch: secunia.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-cwr3-6h95-r5rc: Safari in Mac OS X 10↗2022-05-01

▶