CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Exploit DB•added 2015/10/26 12:0 a.m.•36 views

Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Safari User-Assisted Applescript Exec Attack', 'Description' = %q In versions of Mac OS X before 10.11.1, the applescript:// URL...

7.5CVSS7.4AI score0.78161EPSS

Exploits8

Circl•added 2015/10/26 12:0 a.m.•22 views

CVE-2015-7007

creationtimestamp| type| source ---|---|--- 2015-10-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38535 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/browser/safariuserassistedapplescriptexec.rb 2025-02-06...

7.5CVSS9.3AI score0.78161EPSS

Exploits8References2

0day.today•added 2015/10/26 12:0 a.m.•41 views

Safari User-Assisted Applescript Exec Attack Exploit

Exploit for macOS platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Safari User-Assisted Applescript Exec Attack', 'Description' = %q In versions...

7.5CVSS9.1AI score0.78161EPSS

Exploits8

CVE•added 2015/10/23 9:0 p.m.•63 views

CVE-2015-7007

CVE-2015-7007 affects Apple OS X Script Editor prior to 10.11.1. The vulnerability allows remote attackers to bypass the intended user confirmation for AppleScript execution via unspecified vectors, enabling arbitrary AppleScript execution without user approval. Impact, per sources, is partial co...

7.5CVSS8.3AI score0.78161EPSS

Exploits8References5Affected Software1

Packet Storm•added 2015/10/23 12:0 a.m.•37 views

Safari User-Assisted Applescript Exec Attack

7.5CVSS0.78161EPSS

Exploits8

Metasploit•added 2015/10/22 2:46 p.m.•21 views

Safari User-Assisted Applescript Exec Attack

In versions of Mac OS X before 10.11.1, the applescript:// URL scheme is provided, which opens the provided script in the Applescript Editor. Pressing cmd-R in the Editor executes the code without any additional confirmation from the user. By getting the user to press cmd-R in Safari, and by...

7.5CVSS7.2AI score0.78161EPSS

Exploits8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by