CVE-2008-4234
published 2008-12-17CVE-2008-4234: Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a "potentially unsafe" warning message.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | <= 10.5.5 | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x_server | <= 10.5.5 | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |