CVE-2004-0486
Summary
HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler.
- HIGH
- NETWORK
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published