CVE-2005-1331

high

Description

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.

References

http://www.vupen.com/english/advisories/2005/0455

http://www.securityfocus.com/bid/13480

http://secunia.com/advisories/15227

http://lists.apple.com/archives/security-announce/2005/May/msg00001.html

Details

Source: Mitre, NVD

Published: 2005-05-04

Updated: 2011-03-08

Risk Information

CVSS v2

Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High