CVE-2010-0546 — Link Following in Apple MAC OS X

CWE-59 — Link Following7 documents5 sources

Severity

3.3LOWNVD

EPSS

0.0%

top 91.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedJun 17

Latest updateMay 2

Description

Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder.

CVSS vector

AV:L/AC:M/C:N/I:P/A:PExploitability: 3.4 | Impact: 4.9

Affected Packages2 packages

▶NVDapple/mac_os_x5 versions+4

▶NVDapple/mac_os_x_server5 versions+4

Patches

Patch: support.apple.com ↗Patch: www.securityfocus.com ↗Patch: www.vupen.com ↗

🔴Vulnerability Details

GHSA

GHSA-rgcj-4qc4-rj56: Folder Manager in Apple Mac OS X 10↗2022-05-02

▶

CVEList

CVE-2010-0546: Folder Manager in Apple Mac OS X 10↗2010-06-17

▶

💥Exploits & PoCs

Exploit-DB

Symantec Backup Exec 12.5 - Man In The Middle↗2011-07-09

▶

Exploit-DB

feedDemon 3.1.0.12 - Local Stack Buffer Overflow (Metasploit)↗2010-11-11

▶

💬Community

Bugzilla

CVE-2010-2754 Mozilla Cross-origin data leakage from script filename in error messages↗2010-07-16

▶