Vulnerabilities > CVE-2005-1331 - Multiple vulnerability in Apple Mac OS X
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
Vulnerable Configurations
Nessus
| NASL family | MacOS X Local Security Checks |
| NASL id | MACOSX_SECUPD2005-005.NASL |
| description | The remote host is missing Security Update 2005-005. This security update contains fixes for the following applications : - Apache - AppKit - AppleScript - Bluetooth - Directory Services - Finder - Foundation - HelpViewer - LDAP - libXpm - lukemftpd - NetInfo - ServerAdmin - sudo - Terminal - VPN These programs have multiple vulnerabilities that could allow a remote attacker to execute arbitrary code. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 18189 |
| published | 2005-05-03 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/18189 |
| title | Mac OS X Multiple Vulnerabilities (Security Update 2005-005) |