Vulnerability Details CVE-2010-1374
Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
- http://secunia.com/advisories/40220
- http://securitytracker.com/id?1024103
- http://support.apple.com/kb/HT4188
- http://www.securityfocus.com/bid/40871
- http://www.vupen.com/english/advisories/2010/1481
- http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
- http://secunia.com/advisories/40220
- http://securitytracker.com/id?1024103
- http://support.apple.com/kb/HT4188
- http://www.securityfocus.com/bid/40871
- http://www.vupen.com/english/advisories/2010/1481
Products affected by CVE-2010-1374
-
cpe:2.3:a:aol:aim:1.0
-
cpe:2.3:a:aol:aim:1.06
-
cpe:2.3:a:aol:aim:1.7
-
cpe:2.3:a:aol:aim:2.0
-
cpe:2.3:a:aol:aim:2.1
-
cpe:2.3:a:aol:aim:3.0
-
cpe:2.3:a:aol:aim:3.5
-
cpe:2.3:a:aol:aim:4.1
-
cpe:2.3:a:aol:aim:4.2
-
cpe:2.3:a:aol:aim:4.3
-
cpe:2.3:a:aol:aim:4.4
-
cpe:2.3:a:aol:aim:4.7
-
cpe:2.3:a:aol:aim:4.8
-
cpe:2.3:a:aol:aim:5.0
-
cpe:2.3:a:aol:aim:5.1
-
cpe:2.3:a:aol:aim:5.2
-
cpe:2.3:a:aol:aim:5.5
-
cpe:2.3:a:aol:aim:5.9
-
cpe:2.3:a:aol:aim:6.0
-
cpe:2.3:a:aol:aim:6.2
-
cpe:2.3:a:aol:aim:6.5
-
cpe:2.3:a:aol:aim:6.8
-
cpe:2.3:o:apple:mac_os_x:10.5.8
-
cpe:2.3:o:apple:mac_os_x:10.6.0
-
cpe:2.3:o:apple:mac_os_x:10.6.1
-
cpe:2.3:o:apple:mac_os_x:10.6.2
-
cpe:2.3:o:apple:mac_os_x:10.6.3
-
cpe:2.3:o:apple:mac_os_x_server:10.5.8
-
cpe:2.3:o:apple:mac_os_x_server:10.6.0
-
cpe:2.3:o:apple:mac_os_x_server:10.6.1
-
cpe:2.3:o:apple:mac_os_x_server:10.6.2
-
cpe:2.3:o:apple:mac_os_x_server:10.6.3