Vulnerability Name: | CVE-2006-0848 (CCN-24808)
Assigned: | 2006-02-21
Published: | 2006-02-21
Updated: | 2017-07-20
Summary: | The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension.
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
Vulnerability Type: | CWE-16
Vulnerability Consequences: | Gain Access
References: |
Source: MITRE Type: CNA CVE-2006-0848
Source: CONFIRM Type: UNKNOWN http://docs.info.apple.com/article.html?artnum=303382
Source: CCN Type: Apple Security Update 2006-002 About Security Update 2006-002
Source: CCN Type: SA18963 Mac OS X File Association Meta Data Shell Script Execution
Source: SECUNIA Type: Vendor Advisory 18963
Source: CCN Type: SECTRACK ID: 1015652 Apple Safari Lets Remote Users Cause Shell Code to Be Executed by the Target User
Source: SECTRACK Type: Exploit 1015652
Source: CCN Type: Apple Web site Apple - Support - Downloads
Source: MISC Type: Exploit, Vendor Advisory http://www.frsirt.com/exploits/20060222.safari_safefiles_exec.pm.php
Source: MISC Type: UNKNOWN http://www.heise.de/english/newsticker/news/69862
Source: CCN Type: heise online news 21.02.2006 21:05 Security hole in Mac OS X also affects Apple Mail
Source: CCN Type: US-CERT VU#999708 Apple Safari automatically executes arbitrary shell commands or code
Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#999708
Source: MISC Type: UNKNOWN http://www.mathematik.uni-ulm.de/numerik/staff/lehn/macosx.html
Source: OSVDB Type: UNKNOWN 23510
Source: CCN Type: OSVDB ID: 23510 Apple Safari ZIP Archive File Extension Mismatch Arbitrary File Execution
Source: BID Type: Exploit 16736
Source: CCN Type: BID-16736 Apple Mac OS X Archive Metadata Command Execution Vulnerability
Source: CERT Type: Third Party Advisory, US Government Resource TA06-053A
Source: CERT Type: US Government Resource TA06-062A
Source: VUPEN Type: Vendor Advisory ADV-2006-0671
Source: XF Type: UNKNOWN macosx-zip-command-execution(24808)
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: