Vulnerability Name:

CVE-2005-1331 (CCN-20404)

Assigned:2005-05-04
Published:2005-05-04
Updated:2011-03-08
Summary:The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2005-1331

Source: CCN
Type: AppleCare Knowledge Base Document 301528
Security Update 2005-005

Source: APPLE
Type: Patch
APPLE-SA-2005-05-03

Source: MISC
Type: Exploit
http://remahl.se/david/vuln/010/

Source: CCN
Type: SA15227
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Patch
15227

Source: CCN
Type: Mac OS X Web page
Apple - Mac OS X

Source: CCN
Type: Mac OS X Server Web page
Mac OS X Server

Source: CCN
Type: CIAC INFORMATION BULLETIN P-200
Apple Security Update 2005-005

Source: CCN
Type: OSVDB ID: 16072
Apple Mac OS X AppleScript URI Spoofing Arbitrary Code Execution

Source: BID
Type: Patch
13480

Source: CCN
Type: BID-13480
Apple Mac OS X Multiple Vulnerabilities

Source: CCN
Type: BID-13500
Apple Mac OS X AppleScript Editor Code Obfuscation Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2005-0455

Source: XF
Type: UNKNOWN
macos-applescript-url-obfuscation(20404)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apple:applescript:2.0.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apple:applescript:2.0.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apple applescript 2.0.0
    apple mac os x 10.3
    apple mac os x 10.3.1
    apple mac os x 10.3.2
    apple mac os x 10.3.3
    apple mac os x 10.3.4
    apple mac os x 10.3.5
    apple mac os x 10.3.6
    apple mac os x 10.3.7
    apple mac os x 10.3.8
    apple mac os x 10.3.9
    apple mac os x server 10.3
    apple mac os x server 10.3.1
    apple mac os x server 10.3.2
    apple mac os x server 10.3.3
    apple mac os x server 10.3.4
    apple mac os x server 10.3.5
    apple mac os x server 10.3.6
    apple mac os x server 10.3.7
    apple mac os x server 10.3.8
    apple mac os x server 10.3.9
    apple applescript 2.0.0
    apple mac os x 10.3.7
    apple mac os x server 10.3.7
    apple mac os x 10.3.5
    apple mac os x 10.3.6
    apple mac os x server 10.3.8
    apple mac os x 10.3.8
    apple mac os x 10.3
    apple mac os x 10.3.9
    apple mac os x server 10.3.9
    apple mac os x server 10.3.2
    apple mac os x 10.3.2
    apple mac os x server 10.3.6
    apple mac os x 10.3.1
    apple mac os x 10.3.3
    apple mac os x 10.3.4
    apple mac os x server 10.3
    apple mac os x server 10.3.1
    apple mac os x server 10.3.3
    apple mac os x server 10.3.4
    apple mac os x server 10.3.5