CVE-2006-1457 — Apple MAC OS X vulnerability

2 documents2 sources

Severity

2.6LOWNVD

EPSS

2.0%

top 16.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedMay 12

Latest updateMay 1

Description

Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDapple/mac_os_x10.4.6

▶NVDapple/mac_os_x_server10.4.6

Patches

Patch: lists.apple.com ↗Patch: lists.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-6vwp-7h6j-rxxm: Safari on Apple Mac OS X 10↗2022-05-01

▶