Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Mail邮件附件处理代码执行漏洞
Vulnerability Description
Apple Mail是苹果操作系统中所捆绑的邮件客户端。 Apple Mail在处理畸形的邮件附件时存在漏洞,远程攻击者可能利用此漏洞在用户系统上执行恶意命令。 Mac操作系统上的文件可能包含有额外的信息,例如其他程序打开文件所要使用的信息。操作系统将这些文件储存在链接到文件的名为resource fork的文件系统中。通常仅有本地系统才可以访问这类信息,但对于邮件,MIME格式AppleDouble允许附带resource fork,并由Apple Mail自动分析。 攻击者可以创建显示为JPEG图标的
CVSS Information
N/A
Vulnerability Type
N/A