Vulnerability Details CVE-2005-1331
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.3%
CVSS Severity
CVSS v2 Score 5.1
References
- http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
- http://remahl.se/david/vuln/010/
- http://secunia.com/advisories/15227
- http://www.securityfocus.com/bid/13480
- http://www.vupen.com/english/advisories/2005/0455
- http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
- http://remahl.se/david/vuln/010/
- http://secunia.com/advisories/15227
- http://www.securityfocus.com/bid/13480
- http://www.vupen.com/english/advisories/2005/0455
Products affected by CVE-2005-1331
-
cpe:2.3:a:apple:applescript:2.0.0
-
cpe:2.3:o:apple:mac_os_x:10.3
-
cpe:2.3:o:apple:mac_os_x:10.3.1
-
cpe:2.3:o:apple:mac_os_x:10.3.2
-
cpe:2.3:o:apple:mac_os_x:10.3.3
-
cpe:2.3:o:apple:mac_os_x:10.3.4
-
cpe:2.3:o:apple:mac_os_x:10.3.5
-
cpe:2.3:o:apple:mac_os_x:10.3.6
-
cpe:2.3:o:apple:mac_os_x:10.3.7
-
cpe:2.3:o:apple:mac_os_x:10.3.8
-
cpe:2.3:o:apple:mac_os_x:10.3.9
-
cpe:2.3:o:apple:mac_os_x_server:10.3
-
cpe:2.3:o:apple:mac_os_x_server:10.3.1
-
cpe:2.3:o:apple:mac_os_x_server:10.3.2
-
cpe:2.3:o:apple:mac_os_x_server:10.3.3
-
cpe:2.3:o:apple:mac_os_x_server:10.3.4
-
cpe:2.3:o:apple:mac_os_x_server:10.3.5
-
cpe:2.3:o:apple:mac_os_x_server:10.3.6
-
cpe:2.3:o:apple:mac_os_x_server:10.3.7
-
cpe:2.3:o:apple:mac_os_x_server:10.3.8
-
cpe:2.3:o:apple:mac_os_x_server:10.3.9