|
|
CVE Reference: CVE-2006-3504 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-3504 |
|
|
Description: The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28146 SAID Secunia Advisory: SA21253 OSVDB 27743 CERT http://www.us-cert.gov/cas/techalerts/TA06-214A.html BID 19289 APPLE http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html |
|
| Return to the previous page. |
