15 matches found
CVE-2021-40531
Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app...
Remote code execution
Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app...
Safari Archive Metadata Command Execution
No description provided by source. $Id: safarimetadataarchive.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Apple Mac OS X 10.2 Terminal.APP Telnet Link Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5768/info Mac OS X is the BSD-based operating system distributed and maintained by Apple. It has been discovered that some types of links, when clicked on, may result in the execution of arbitrary commands. Due to the...
Apple Safari - Archive Metadata Command Execution (Metasploit)
$Id: safarimetadataarchive.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Safari Archive Metadata Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3...
Apple Mac OS X 2008-001更新修复多个安全漏洞
BUGTRAQ ID: 27736 CVECAN ID: CVE-2008-0037,CVE-2008-0038,CVE-2008-0039,CVE-2008-0040,CVE-2008-0041,CVE-2008-0042 Mac OS X是苹果家族机器所使用的操作系统。 Apple 2008-001安全更新修复了Mac OS X中的多个安全漏洞,远程或本地攻击者可能利用这些漏洞造成多种威胁。 CVE-2008-0037 Mac OS X中的X11服务器没有正确地读取Allow connections from network...
Design/Logic Flaw
Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes...
CVE-2008-0042
Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes...
CVE-2008-0042
Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes...
safari_safefiles_exec.pm.txt
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
Apple Mac OSX Safari Browser - 'Safe File' Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit
Exploit for macOS platform in category remote exploits ================================================================= Mac OS X Safari Browser Safe File Remote Code Execution Exploit ================================================================= This file is part of the Metasploit Framework...
CVE-2002-1898
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window...
Insecure pty permissions in OS X < 10.4
Hi all. Mac OS X 10.3.x and earlier doesn't provide any mechanism for non-setuid-root programs to change permissions on ptys. Hence xterms, screen sessions, and Terminal.app windows with explicitly specified commands are vulnerable to tty sniffing. Note that using Terminal.app's standard terminal...