Lucene search

[email protected]CVE-2004-0489

HistoryJul 07, 2004 - 4:00 a.m.

CVE-2004-0489

2004-07-0704:00:00

CWE-88

[email protected]

web.nvd.nist.gov

cve

2004

0489

argument injection

safari

ssh

uri handler

mac os

nvd

vulnerability

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.5%

JSON

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.

Affected configurations

NVD

Node

applemac_os_xRange≤10.3.3

CPENameOperatorVersion
apple:mac_os_xapple mac os xle10.3.3

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	le	10.3.3

References

lists.grok.org.uk/pipermail/full-disclosure/2004-May/021871.html

www.insecure.ws/article.php?story=200405222251133

exchange.xforce.ibmcloud.com/vulnerabilities/16242

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.5%

JSON

Related for CVE-2004-0489

nvd1 cvelist1