CVE-2005-1331

Severity

51%

Complexity

49%

Confidentiality

106%

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

Type

Apple Mac OS X

First reported 19 years ago

2005-05-04 04:00:00

Last updated 13 years ago

2011-03-08 02:21:00

Affected Software

Apple Mac OS X 10.3

10.3

Apple Mac OS X 10.3.1

10.3.1

Apple Mac OS X 10.3.2

10.3.2

Apple Mac OS X 10.3.3

10.3.3

Apple Mac OS X 10.3.4

10.3.4

Apple Mac OS X 10.3.5

10.3.5

Apple Mac OS X 10.3.6

10.3.6

Apple Mac OS X 10.3.7

10.3.7

Apple Mac OS X 10.3.8

10.3.8

Apple Mac OS X 10.3.9

10.3.9

Apple Mac OS X Server 10.3

10.3

Apple Mac OS X Server 10.3.1

10.3.1

Apple Mac OS X Server 10.3.2

10.3.2

Apple Mac OS X Server 10.3.3

10.3.3

Apple Mac OS X Server 10.3.4

10.3.4

Apple Mac OS X Server 10.3.5

10.3.5

Apple Mac OS X Server 10.3.6

10.3.6

Apple Mac OS X Server 10.3.7

10.3.7

Apple Mac OS X Server 10.3.8

10.3.8

Apple Mac OS X Server 10.3.9

10.3.9

References

APPLE-SA-2005-05-03

Patch

http://remahl.se/david/vuln/010/

Exploit

15227

Patch

13480

Patch

ADV-2005-0455

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.