Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0848: Apple Mac OS X vulnerability

CWE-164 documents4 sources
Severity
5.1 MEDIUM (NVD)
EPSS
78.8%
top 0.95%
CISA KEV
Not in KEV
Exploit
PoC available
Timeline
Published: Feb 22
Latest update: May 1

Description

The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension.

CVSS vector

AV:N/AC:H/C:P/I:P/A:P
Exploitability: 4.9 | Impact: 6.4

Affected Packages (2 packages)

NVD: apple/mac_os_x 10.4.5

🔴Vulnerability Details

1
GHSA
GHSA-pgr2-c4h8-5r6j: The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tr | 2022-05-01

💥Exploits & PoCs

2
Exploit-DB
Apple Safari - Archive Metadata Command Execution (Metasploit) | 2010-09-20
Metasploit
Safari Archive Metadata Command Execution