var-200505-0350
Vulnerability from variot
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. Mac OS X AppleScript editor is prone to a code obfuscation vulnerability. This issue was initially reported in BID 13480 (Apple Mac OS X Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a new BID. http://docs.info.apple.com/article.html?artnum=301528.
This email contains brief summaries of the problems. Full details can
be found on my web site http://remahl.se/david/vuln/.
Description: help: URI handler execution of JavaScripts with known
paths vulnerability
My name: DR004 http://remahl.se/david/vuln/004/
CVE: CAN-2005-1337 [yes, cool, isn't it ;-)]
Summary: The Help Viewer application allows JavaScript and is thus
vulnerable to having scripts with arbitrary paths run with the
privileges granted to file: protocol URIs. The files can be started
with a URI on the form of help:///path/to/file.html. Combined with
XMLHttpRequest's ability to disclose arbitrary files, this security
bug becomes critcal.
Description: Invisible characters in applescript: URL protocol
messaging vulnerability
My name: DR010 http://remahl.se/david/vuln/010/
CVE: CAN-2005-1331
Summary: URL Protocol Messaging is a technique used by Script Editor
to facilitate sharing of AppleScripts between users. By clicking a
link (for example in a web forum), a user can create a new Script
Editor document automatically, with text from the query string of the
URI. This avoids problems with copying text from the web or manually
typing code snippets. However, the technique can be used to trick
users into running dangerous code (with embedded control characters),
since insufficient input validation is performed. This can lead to execution of arbitrary
commands, aided by some of the escape sequences that Terminal supports.
Description: Mac OS X terminal emulators allow reading and writing of
window title through escape sequences
My name: DR012 http://remahl.se/david/vuln/012/
CVE: CAN-2005-1341
Summary: Apple Terminal (often referred to as Terminal.app) and xterm
which both ship with current versions of Mac OS X are vulnerable to a
well-known type of attack when displaying untrusted content. Using
escape sequences and social engineering attacks it is in some cases
possible to trick the user into performing arbitrary commands.
I would like to acknowledge the willingness of Apple's Product
Security team to cooperate with me in resolving these issues. CERT's
assistance has also been helpful. The most
serious of these vulnerabilities may allow a remote attacker to
execute arbitrary code. Impacts of other vulnerabilities addressed by
the update include disclosure of information and denial of service.
I. Further details are available in the following Vulnerability Notes:
VU#356070 - Apple Terminal fails to properly sanitize input for x-man-page URI
Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing
a remote attacker to execute arbitrary commands.
(CAN-2005-1342)
VU#882750 - libXpm image library vulnerable to buffer overflow
libXpm image parsing code contains a buffer-overflow vulnerability
that may allow a remote attacker execute arbitrary code or cause a
denial-of-service condition.
(CAN-2004-0687)
VU#125598 - LibTIFF vulnerable to integer overflow via corrupted directory entry count
An integer overflow in LibTIFF may allow a remote attacker to execute
arbitrary code.
(CAN-2004-1308)
VU#539110 - LibTIFF vulnerable to integer overflow in the TIFFFetchStrip() routine
An integer overflow in LibTIFF may allow a remote attacker to execute
arbitrary code.
(CAN-2004-1307)
VU#537878 - libXpm library contains multiple integer overflow vulnerabilities
libXpm contains multiple integer-overflow vulnerabilities that may
allow a remote attacker execute arbitrary code or cause a
denial-of-service condition.
(CAN-2004-0688)
VU#331694 - Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs
Mac OS X Directory Service utilities do not properly validate code
paths to external programs, potentially allowing a local attacker to
execute arbitrary code.
(CAN-2004-1335)
VU#582934 - Apple Mac OS X Foundation framework vulnerable to buffer overflow via incorrect handling of an environmental variable
A buffer overflow in Mac OS X's Foundation Framework's processing of
environment variables may lead to elevated privileges.
(CAN-2004-1332)
VU#354486 - Apple Mac OS X Server Netinfo Setup Tool fails to validate command line parameters
Apple Mac OS X Server NeST tool contains a vulnerability in the
processing of command line arguments that could allow a local attacker
to execute arbitrary code.
(CAN-2004-0594)
Please note that Apple Security Update 2005-005 addresses additional vulnerabilities not described above. As further information becomes available, we will publish individual Vulnerability Notes.
II. Impact
The impacts of these vulnerabilities vary, for information about specific impacts please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands, disclosure of sensitive information, and denial of service.
III. Solution
Install an Update
Install the update as described in Apple Security Update 2005-005.
Appendix A. References
* US-CERT Vulnerability Note VU#582934 -
<http://www.kb.cert.org/vuls/id/582934>
* US-CERT Vulnerability Note VU#258390 -
<http://www.kb.cert.org/vuls/id/258390>
* US-CERT Vulnerability Note VU#331694 -
<http://www.kb.cert.org/vuls/id/331694>
* US-CERT Vulnerability Note VU#706838 -
<http://www.kb.cert.org/vuls/id/706838>
* US-CERT Vulnerability Note VU#539110 -
<http://www.kb.cert.org/vuls/id/539110>
* US-CERT Vulnerability Note VU#354486 -
<http://www.kb.cert.org/vuls/id/354486>
* US-CERT Vulnerability Note VU#882750 -
<http://www.kb.cert.org/vuls/id/882750>
* US-CERT Vulnerability Note VU#537878 -
<http://www.kb.cert.org/vuls/id/537878>
* US-CERT Vulnerability Note VU#125598 -
<http://www.kb.cert.org/vuls/id/125598>
* US-CERT Vulnerability Note VU#356070 -
<http://www.kb.cert.org/vuls/id/356070>
* Apple Security Update 2005-005 -
<http://docs.info.apple.com/article.html?artnum=301528>
These vulnerabilities were discovered by several people and reported in Apple Security Update 2005-005. Please see the Vulnerability Notes for individual reporter acknowledgements.
Feedback can be directed to the authors: Jeffrey Gennari and Jason Rafail.
Copyright 2005 Carnegie Mellon University. Terms of use
Revision History
May 16, 2005: Initial release Last updated May 16, 2005 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQojwRBhoSezw4YfQAQKb1gf/a7XQAZQR+t5+FpzRoUrJyVIg3Mf1IISP yS5GLgfwC+4GuDEd/BA51+591OhNAWa1hO2JAUQwJ799VL7vAY6vbDW84c+S0eQ+ J+FHgddUsuvRtmsXCg2Fin1JRG4hCqBQ9q2S0h4+fM7yWSdLOY7xeAAwPOwG+bsU AVjDMNiPACHxw7CNQ8qpPXFfo3qrV+oj55F62TbR0fujtil6yQR3lE9wSeiuLs/i KgQFZlHMEoAwQnghwLk7eQLkzGD9eAZ+pZ7Ny0AvF7avhGflh2nFNe2acFoJ2Iw7 /gMXj/uN/ZpDssS37y38LIvyA3kIQrSlEW7iKf1wi2eQ3ntjyv/9NA== =uqBU -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0350",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "applescript",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pirate software simplecam",
"scope": "eq",
"trust": 0.3,
"vendor": "dead",
"version": "1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "pirate software simplecam",
"scope": "ne",
"trust": 0.3,
"vendor": "dead",
"version": "1.3"
}
],
"sources": [
{
"db": "BID",
"id": "13500"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
},
{
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Remahl\u203b vuln@remahl.se",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1331",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2005-1331",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-12540",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-1331",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-912",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-12540",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12540"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
},
{
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. Mac OS X AppleScript editor is prone to a code obfuscation vulnerability. \nThis issue was initially reported in BID 13480 (Apple Mac OS X Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a new BID. \u003chttp://docs.info.apple.com/article.html?artnum=301528\u003e. \n\nThis email contains brief summaries of the problems. Full details can \nbe found on my web site \u003chttp://remahl.se/david/vuln/\u003e. \n\nDescription: help: URI handler execution of JavaScripts with known \npaths vulnerability\nMy name: DR004 \u003chttp://remahl.se/david/vuln/004/\u003e\nCVE: CAN-2005-1337 [yes, cool, isn\u0027t it ;-)]\nSummary: The Help Viewer application allows JavaScript and is thus \nvulnerable to having scripts with arbitrary paths run with the \nprivileges granted to file: protocol URIs. The files can be started \nwith a URI on the form of help:///path/to/file.html. Combined with \nXMLHttpRequest\u0027s ability to disclose arbitrary files, this security \nbug becomes critcal. \n\nDescription: Invisible characters in applescript: URL protocol \nmessaging vulnerability\nMy name: DR010 \u003chttp://remahl.se/david/vuln/010/\u003e\nCVE: CAN-2005-1331\nSummary: URL Protocol Messaging is a technique used by Script Editor \nto facilitate sharing of AppleScripts between users. By clicking a \nlink (for example in a web forum), a user can create a new Script \nEditor document automatically, with text from the query string of the \nURI. This avoids problems with copying text from the web or manually \ntyping code snippets. However, the technique can be used to trick \nusers into running dangerous code (with embedded control characters), \nsince insufficient input validation is performed. This can lead to execution of arbitrary \ncommands, aided by some of the escape sequences that Terminal supports. \n\nDescription: Mac OS X terminal emulators allow reading and writing of \nwindow title through escape sequences\nMy name: DR012 \u003chttp://remahl.se/david/vuln/012/\u003e\nCVE: CAN-2005-1341\nSummary: Apple Terminal (often referred to as Terminal.app) and xterm \nwhich both ship with current versions of Mac OS X are vulnerable to a \nwell-known type of attack when displaying untrusted content. Using \nescape sequences and social engineering attacks it is in some cases \npossible to trick the user into performing arbitrary commands. \n\nI would like to acknowledge the willingness of Apple\u0027s Product \nSecurity team to cooperate with me in resolving these issues. CERT\u0027s \nassistance has also been helpful. The most\n serious of these vulnerabilities may allow a remote attacker to\n execute arbitrary code. Impacts of other vulnerabilities addressed by\n the update include disclosure of information and denial of service. \n\nI. Further details are available in\n the following Vulnerability Notes:\n\n VU#356070 - Apple Terminal fails to properly sanitize input for\n x-man-page URI\n\n Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing\n a remote attacker to execute arbitrary commands. \n (CAN-2005-1342)\n\n VU#882750 - libXpm image library vulnerable to buffer overflow\n\n libXpm image parsing code contains a buffer-overflow vulnerability\n that may allow a remote attacker execute arbitrary code or cause a\n denial-of-service condition. \n (CAN-2004-0687)\n\n VU#125598 - LibTIFF vulnerable to integer overflow via corrupted\n directory entry count\n\n An integer overflow in LibTIFF may allow a remote attacker to execute\n arbitrary code. \n (CAN-2004-1308)\n\n VU#539110 - LibTIFF vulnerable to integer overflow in the\n TIFFFetchStrip() routine\n\n An integer overflow in LibTIFF may allow a remote attacker to execute\n arbitrary code. \n (CAN-2004-1307)\n\n VU#537878 - libXpm library contains multiple integer overflow\n vulnerabilities\n\n libXpm contains multiple integer-overflow vulnerabilities that may\n allow a remote attacker execute arbitrary code or cause a\n denial-of-service condition. \n (CAN-2004-0688)\n\n VU#331694 - Apple Mac OS X chpass/chfn/chsh utilities do not properly\n validate external programs\n\n Mac OS X Directory Service utilities do not properly validate code\n paths to external programs, potentially allowing a local attacker to\n execute arbitrary code. \n (CAN-2004-1335)\n\n VU#582934 - Apple Mac OS X Foundation framework vulnerable to buffer\n overflow via incorrect handling of an environmental variable\n\n A buffer overflow in Mac OS X\u0027s Foundation Framework\u0027s processing of\n environment variables may lead to elevated privileges. \n (CAN-2004-1332)\n\n VU#354486 - Apple Mac OS X Server Netinfo Setup Tool fails to validate\n command line parameters\n\n Apple Mac OS X Server NeST tool contains a vulnerability in the\n processing of command line arguments that could allow a local attacker\n to execute arbitrary code. \n (CAN-2004-0594)\n \n Please note that Apple Security Update 2005-005 addresses additional\n vulnerabilities not described above. As further information becomes\n available, we will publish individual Vulnerability Notes. \n\nII. Impact\n\n The impacts of these vulnerabilities vary, for information about\n specific impacts please see the Vulnerability Notes. Potential\n consequences include remote execution of arbitrary code or commands,\n disclosure of sensitive information, and denial of service. \n\nIII. Solution\n\nInstall an Update\n\n Install the update as described in Apple Security Update 2005-005. \n\nAppendix A. References\n\n * US-CERT Vulnerability Note VU#582934 -\n \u003chttp://www.kb.cert.org/vuls/id/582934\u003e\n \n * US-CERT Vulnerability Note VU#258390 -\n \u003chttp://www.kb.cert.org/vuls/id/258390\u003e\n \n * US-CERT Vulnerability Note VU#331694 -\n \u003chttp://www.kb.cert.org/vuls/id/331694\u003e\n\n * US-CERT Vulnerability Note VU#706838 -\n \u003chttp://www.kb.cert.org/vuls/id/706838\u003e\n\n * US-CERT Vulnerability Note VU#539110 -\n \u003chttp://www.kb.cert.org/vuls/id/539110\u003e\n\n * US-CERT Vulnerability Note VU#354486 -\n \u003chttp://www.kb.cert.org/vuls/id/354486\u003e\n\n * US-CERT Vulnerability Note VU#882750 -\n \u003chttp://www.kb.cert.org/vuls/id/882750\u003e\n\n * US-CERT Vulnerability Note VU#537878 -\n \u003chttp://www.kb.cert.org/vuls/id/537878\u003e\n\n * US-CERT Vulnerability Note VU#125598 -\n \u003chttp://www.kb.cert.org/vuls/id/125598\u003e\n\n * US-CERT Vulnerability Note VU#356070 -\n \u003chttp://www.kb.cert.org/vuls/id/356070\u003e\n\n * Apple Security Update 2005-005 -\n \u003chttp://docs.info.apple.com/article.html?artnum=301528\u003e\n _________________________________________________________________\n\n These vulnerabilities were discovered by several people and reported\n in Apple Security Update 2005-005. Please see the Vulnerability Notes\n for individual reporter acknowledgements. \n _________________________________________________________________\n\n Feedback can be directed to the authors: Jeffrey Gennari and Jason\n Rafail. \n _________________________________________________________________\n\n Copyright 2005 Carnegie Mellon University. Terms of use\n\n Revision History\n\n May 16, 2005: Initial release\n Last updated May 16, 2005 \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBQojwRBhoSezw4YfQAQKb1gf/a7XQAZQR+t5+FpzRoUrJyVIg3Mf1IISP\nyS5GLgfwC+4GuDEd/BA51+591OhNAWa1hO2JAUQwJ799VL7vAY6vbDW84c+S0eQ+\nJ+FHgddUsuvRtmsXCg2Fin1JRG4hCqBQ9q2S0h4+fM7yWSdLOY7xeAAwPOwG+bsU\nAVjDMNiPACHxw7CNQ8qpPXFfo3qrV+oj55F62TbR0fujtil6yQR3lE9wSeiuLs/i\nKgQFZlHMEoAwQnghwLk7eQLkzGD9eAZ+pZ7Ny0AvF7avhGflh2nFNe2acFoJ2Iw7\n/gMXj/uN/ZpDssS37y38LIvyA3kIQrSlEW7iKf1wi2eQ3ntjyv/9NA==\n=uqBU\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1331"
},
{
"db": "BID",
"id": "13500"
},
{
"db": "VULHUB",
"id": "VHN-12540"
},
{
"db": "PACKETSTORM",
"id": "38718"
},
{
"db": "PACKETSTORM",
"id": "39271"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-1331",
"trust": 2.1
},
{
"db": "BID",
"id": "13480",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "15227",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2005-0455",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-912",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2005-05-03",
"trust": 0.6
},
{
"db": "BID",
"id": "13500",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-12540",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38718",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#258390",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#539110",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#356070",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#354486",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#331694",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#125598",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#706838",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#582934",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#537878",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#882750",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39271",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12540"
},
{
"db": "BID",
"id": "13500"
},
{
"db": "PACKETSTORM",
"id": "38718"
},
{
"db": "PACKETSTORM",
"id": "39271"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
},
{
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"id": "VAR-200505-0350",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-12540"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T22:01:37.279000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://remahl.se/david/vuln/010/"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2005/may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/13480"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/15227"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2005/0455"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2005/0455"
},
{
"trust": 0.3,
"url": "http://www.apple.com"
},
{
"trust": 0.3,
"url": "/archive/1/397489"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "http://remahl.se/david/vuln/010/\u003e"
},
{
"trust": 0.1,
"url": "http://remahl.se/david/vuln/012/\u003e"
},
{
"trust": 0.1,
"url": "http://remahl.se/david/vuln/011/\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=301528\u003e."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-1342"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-1341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-1331"
},
{
"trust": 0.1,
"url": "http://remahl.se/david/vuln/004/\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-1337"
},
{
"trust": 0.1,
"url": "http://remahl.se/david/vuln/\u003e."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/125598\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=301528\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/539110\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/537878\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/356070\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/331694\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/882750\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/354486\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/706838\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/258390\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/582934\u003e"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12540"
},
{
"db": "BID",
"id": "13500"
},
{
"db": "PACKETSTORM",
"id": "38718"
},
{
"db": "PACKETSTORM",
"id": "39271"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
},
{
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-12540"
},
{
"db": "BID",
"id": "13500"
},
{
"db": "PACKETSTORM",
"id": "38718"
},
{
"db": "PACKETSTORM",
"id": "39271"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
},
{
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-12540"
},
{
"date": "2005-05-03T00:00:00",
"db": "BID",
"id": "13500"
},
{
"date": "2005-07-15T06:39:33",
"db": "PACKETSTORM",
"id": "38718"
},
{
"date": "2005-08-14T06:00:54",
"db": "PACKETSTORM",
"id": "39271"
},
{
"date": "2005-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-912"
},
{
"date": "2005-05-04T04:00:00",
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-12540"
},
{
"date": "2009-07-12T14:06:00",
"db": "BID",
"id": "13500"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-912"
},
{
"date": "2024-11-20T23:57:06.273000",
"db": "NVD",
"id": "CVE-2005-1331"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "39271"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X AppleScript Editor code confusing vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-912"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…