Lucene search

[email protected]CVE-2005-1723

HistoryJun 08, 2005 - 4:00 a.m.

CVE-2005-1723

2005-06-0804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1723

launchservices

apple

mac os x

security vulnerability

mime types

file extensions

nvd

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.7%

JSON

LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions.

CPENameOperatorVersion
apple:mac_os_x_serverapple mac os x servereq10.4.1
apple:mac_os_x_serverapple mac os x servereq10.4

CPE	Name	Operator	Version
apple:mac_os_x_server	apple mac os x server	eq	10.4.1
apple:mac_os_x_server	apple mac os x server	eq	10.4

References

lists.apple.com/archives/security-announce/2005/Jun/msg00000.html

securitytracker.com/id?1014141

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.7%

JSON

Related for CVE-2005-1723

nessus1