Vulnerability Details CVE-2006-1447
LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
- http://secunia.com/advisories/20077
- http://securitytracker.com/id?1016081
- http://www.osvdb.org/25591
- http://www.securityfocus.com/bid/17951
- http://www.us-cert.gov/cas/techalerts/TA06-132A.html
- http://www.vupen.com/english/advisories/2006/1779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26416
- http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
- http://secunia.com/advisories/20077
- http://securitytracker.com/id?1016081
- http://www.osvdb.org/25591
- http://www.securityfocus.com/bid/17951
- http://www.us-cert.gov/cas/techalerts/TA06-132A.html
- http://www.vupen.com/english/advisories/2006/1779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26416