CVE-2006-1447

MEDIUM

Description

LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file.

References

http://lists.apple.com/archives/security-announce/2006/May/msg00003.html

http://secunia.com/advisories/20077

http://securitytracker.com/id?1016081

http://www.osvdb.org/25591

http://www.securityfocus.com/bid/17951

http://www.us-cert.gov/cas/techalerts/TA06-132A.html

http://www.vupen.com/english/advisories/2006/1779

https://exchange.xforce.ibmcloud.com/vulnerabilities/26416

Details

Source: MITRE

Published: 2006-05-12

Updated: 2017-07-20

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM