Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a “potentially unsafe” warning message.
CPE | Name | Operator | Version |
---|---|---|---|
mac_os_x | eq | 10.6 | |
mac_os_x | eq | 10.6.1 | |
mac_os_x_server | eq | 10.6 | |
mac_os_x_server | eq | 10.6.1 |