URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html	Patch
cve@mitre.org	http://remahl.se/david/vuln/010/	Exploit
cve@mitre.org	http://secunia.com/advisories/15227	Patch
cve@mitre.org	http://www.securityfocus.com/bid/13480	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2005/0455
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://remahl.se/david/vuln/010/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/15227	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/13480	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/0455

▼	Vendor	Product
	n/a	n/a

var-200505-0350

Vulnerability from variot

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. Mac OS X AppleScript editor is prone to a code obfuscation vulnerability. This issue was initially reported in BID 13480 (Apple Mac OS X Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a new BID. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

I have published advisories for 4 security vulnerabilities in Mac OS
X that were addressed by Apple Security Update 2005-005, released
today. http://docs.info.apple.com/article.html?artnum=301528.

This email contains brief summaries of the problems. Full details can
be found on my web site http://remahl.se/david/vuln/.

Description: help: URI handler execution of JavaScripts with known
paths vulnerability My name: DR004 http://remahl.se/david/vuln/004/ CVE: CAN-2005-1337 [yes, cool, isn't it ;-)] Summary: The Help Viewer application allows JavaScript and is thus
vulnerable to having scripts with arbitrary paths run with the
privileges granted to file: protocol URIs. The files can be started
with a URI on the form of help:///path/to/file.html. Combined with
XMLHttpRequest's ability to disclose arbitrary files, this security
bug becomes critcal.

Description: Invisible characters in applescript: URL protocol
messaging vulnerability My name: DR010 http://remahl.se/david/vuln/010/ CVE: CAN-2005-1331 Summary: URL Protocol Messaging is a technique used by Script Editor
to facilitate sharing of AppleScripts between users. By clicking a
link (for example in a web forum), a user can create a new Script
Editor document automatically, with text from the query string of the
URI. This avoids problems with copying text from the web or manually
typing code snippets. However, the technique can be used to trick
users into running dangerous code (with embedded control characters),
since insufficient input validation is performed.

Description: Apple Terminal insufficient input sanitation of x-man- path: URIs vulnerability My name: DR011 http://remahl.se/david/vuln/011/ CVE: CAN-2005-1342 Summary: Apple Terminal fails to properly sanitize the contents of x- man-path: URIs passed to it. This can lead to execution of arbitrary
commands, aided by some of the escape sequences that Terminal supports.

Description: Mac OS X terminal emulators allow reading and writing of
window title through escape sequences My name: DR012 http://remahl.se/david/vuln/012/ CVE: CAN-2005-1341 Summary: Apple Terminal (often referred to as Terminal.app) and xterm
which both ship with current versions of Mac OS X are vulnerable to a
well-known type of attack when displaying untrusted content. Using
escape sequences and social engineering attacks it is in some cases
possible to trick the user into performing arbitrary commands.

I would like to acknowledge the willingness of Apple's Product
Security team to cooperate with me in resolving these issues. CERT's
assistance has also been helpful. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00600177 Version: 1

HPSBUX02119 SSRT4848 rev.1 - HP-UX Running Motif Applications Remote Arbitrary Code Execution, Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2006-05-17 Last Updated: 2006-05-15

Potential Security Impact: Remote arbitrary code execution, Denial of Service (DoS)

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Motif applications running on HP-UX. The potential vulnerabilities could be exploited to allow remote execution of arbitrary code or Denial for Service (DoS).

References: CERT VU#537878, VU#882750

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.00, B.11.11, B.11.23 running Motif applications.

BACKGROUND

Potential vulnerabilities have been reported with the handling of XPixMap format data: http://www.kb.cert.org/vuls/id/882750 http://www.kb.cert.org/vuls/id/537878

AFFECTED VERSIONS

HP-UX B.11.00

X11.MOTIF-SHLIB action: install PHSS_33129 or subsequent

HP-UX B.11.11

X11.MOTIF-SHLIB action: install PHSS_33130 or subsequent

HP-UX B.11.23

X11.MOTIF-SHLIB action: install PHSS_33132 or subsequent

RESOLUTION HP has made the following patches available to resolve the issue. The patches can be downloaded from http://itrc.hp.com

HP-UX B.11.00 PHSS_33129 or subsequent HP-UX B.11.11 PHSS_33130 or subsequent HP-UX B.11.23 PHSS_33132 or subsequent

MANUAL ACTIONS: No

PRODUCT SPECIFIC INFORMATION

HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

HISTORY Version:1 (rev.1) 17 May 2006 Initial release

Support: For further information, contact normal HP Services support channel.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com. It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA& langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC

On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

GN = HP General SW, MA = HP Management Agents, MI = Misc. 3rd party SW, MP = HP MPE/iX, NS = HP NonStop Servers, OV = HP OpenVMS, PI = HP Printing & Imaging, ST = HP Storage SW, TL = HP Trusted Linux, TU = HP Tru64 UNIX, UX = HP-UX, VV = HP Virtual Vault

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

(c)Copyright 2006 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1

iQA/AwUBRHGcseAfOvwtKn1ZEQLsCQCgsfBQfOCJ10fRkLsGaGyKFw52JnIAnj+C 6Kgv/Lr9cDfmSn3EfBJJW35+ =u3wT -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200505-0350",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.5"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.8"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.6"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.7"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.3"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.9"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.7"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.3"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.8"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.6"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.9"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.2"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.5"
      },
      {
        "model": "applescript",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "2.0.0"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3.4"
      },
      {
        "model": "pirate software simplecam",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dead",
        "version": "1.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.9"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.8"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3"
      },
      {
        "model": "pirate software simplecam",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "dead",
        "version": "1.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "13500"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "David Remahl\u203b vuln@remahl.se",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2005-1331",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CVE-2005-1331",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-12540",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2005-1331",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200505-912",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-12540",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12540"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. Mac OS X AppleScript editor is prone to a code obfuscation vulnerability. \nThis issue was initially reported in BID 13480 (Apple Mac OS X Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a new BID. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nI have published advisories for 4 security vulnerabilities in Mac OS  \nX that were addressed by Apple Security Update 2005-005, released  \ntoday. \u003chttp://docs.info.apple.com/article.html?artnum=301528\u003e. \n\nThis email contains brief summaries of the problems. Full details can  \nbe found on my web site \u003chttp://remahl.se/david/vuln/\u003e. \n\nDescription: help: URI handler execution of JavaScripts with known  \npaths vulnerability\nMy name: DR004 \u003chttp://remahl.se/david/vuln/004/\u003e\nCVE: CAN-2005-1337 [yes, cool, isn\u0027t it ;-)]\nSummary: The Help Viewer application allows JavaScript and is thus  \nvulnerable to having scripts with arbitrary paths run with the  \nprivileges granted to file: protocol URIs. The files can be started  \nwith a URI on the form of help:///path/to/file.html. Combined with  \nXMLHttpRequest\u0027s ability to disclose arbitrary files, this security  \nbug becomes critcal. \n\nDescription: Invisible characters in applescript: URL protocol  \nmessaging vulnerability\nMy name: DR010 \u003chttp://remahl.se/david/vuln/010/\u003e\nCVE: CAN-2005-1331\nSummary: URL Protocol Messaging is a technique used by Script Editor  \nto facilitate sharing of AppleScripts between users. By clicking a  \nlink (for example in a web forum), a user can create a new Script  \nEditor document automatically, with text from the query string of the  \nURI. This avoids problems with copying text from the web or manually  \ntyping code snippets. However, the technique can be used to trick  \nusers into running dangerous code (with embedded control characters),  \nsince insufficient input validation is performed. \n\nDescription: Apple Terminal insufficient input sanitation of x-man- \npath: URIs vulnerability\nMy name: DR011 \u003chttp://remahl.se/david/vuln/011/\u003e\nCVE: CAN-2005-1342\nSummary: Apple Terminal fails to properly sanitize the contents of x- \nman-path: URIs passed to it. This can lead to execution of arbitrary  \ncommands, aided by some of the escape sequences that Terminal supports. \n\nDescription: Mac OS X terminal emulators allow reading and writing of  \nwindow title through escape sequences\nMy name: DR012 \u003chttp://remahl.se/david/vuln/012/\u003e\nCVE: CAN-2005-1341\nSummary: Apple Terminal (often referred to as Terminal.app) and xterm  \nwhich both ship with current versions of Mac OS X are vulnerable to a  \nwell-known type of attack when displaying untrusted content. Using  \nescape sequences and social engineering attacks it is in some cases  \npossible to trick the user into performing arbitrary commands. \n\nI would like to acknowledge the willingness of Apple\u0027s Product  \nSecurity team to cooperate with me in resolving these issues. CERT\u0027s  \nassistance has also been helpful. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00600177\nVersion: 1\n\nHPSBUX02119 SSRT4848 rev.1 - HP-UX Running Motif Applications Remote Arbitrary \nCode Execution, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2006-05-17\nLast Updated: 2006-05-15\n\nPotential Security Impact: Remote arbitrary code execution, Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Motif applications running\non HP-UX. The potential vulnerabilities could be exploited to allow remote execution\nof arbitrary code or Denial for Service (DoS). \n\nReferences: CERT VU#537878, VU#882750 \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.00, B.11.11, B.11.23 running Motif applications. \n\nBACKGROUND\n\nPotential vulnerabilities have been reported with the handling of XPixMap format data:\nhttp://www.kb.cert.org/vuls/id/882750 \nhttp://www.kb.cert.org/vuls/id/537878 \n\nAFFECTED VERSIONS\n\nHP-UX B.11.00\n=============\nX11.MOTIF-SHLIB\naction: install PHSS_33129 or subsequent\n\nHP-UX B.11.11\n=============\nX11.MOTIF-SHLIB\naction: install PHSS_33130 or subsequent\n\nHP-UX B.11.23\n=============\nX11.MOTIF-SHLIB\naction: install PHSS_33132 or subsequent\n\nRESOLUTION\nHP has made the following patches available to resolve the issue. \nThe patches can be downloaded from http://itrc.hp.com \n\nHP-UX B.11.00 PHSS_33129 or subsequent \nHP-UX B.11.11 PHSS_33130 or subsequent \nHP-UX B.11.23 PHSS_33132 or subsequent \n\nMANUAL ACTIONS: No\n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all\nHP-issued Security Bulletins to provide a subset of recommended actions that \npotentially affect a specific HP-UX system. For more information: \nhttp://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA \n\nHISTORY \nVersion:1 (rev.1) 17 May 2006 Initial release\n\nSupport: For further information, contact normal HP Services\nsupport channel. \n\nReport: To report a potential security vulnerability with any HP\nsupported product, send Email to: security-alert@hp.com.  It is\nstrongly recommended that security related information being\ncommunicated to HP be encrypted using PGP, especially exploit\ninformation.  To get the security-alert PGP key, please send an\ne-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP\nSecurity Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026\nlangcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\n\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n  - check ALL categories for which alerts are required and\n    continue. \nUnder Step2: your ITRC operating systems\n  - verify your operating system selections are checked and\n    save. \n\nTo update an existing subscription:\nhttp://h30046.www3.hp.com/subSignIn.php\nLog in on the web page:\n  Subscriber\u0027s choice for Business: sign-in. \nOn the web page:\n  Subscriber\u0027s Choice: your profile summary\n    - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit:\nhttp://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters of the\nBulletin number in the title:\n\n    GN = HP General SW,\n    MA = HP Management Agents,\n    MI = Misc. 3rd party SW,\n    MP = HP MPE/iX,\n    NS = HP NonStop Servers,\n    OV = HP OpenVMS,\n    PI = HP Printing \u0026 Imaging,\n    ST = HP Storage SW,\n    TL = HP Trusted Linux,\n    TU = HP Tru64 UNIX,\n    UX = HP-UX,\n    VV = HP Virtual Vault\n\n\nSystem management and security procedures must be reviewed\nfrequently to maintain system integrity. HP is continually\nreviewing and enhancing the security features of software products\nto provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to\nbring to the attention of users of the affected HP products the\nimportant security information contained in this Bulletin. HP\nrecommends that all users determine the applicability of this\ninformation to their individual situations and take appropriate\naction. HP does not warrant that this information is necessarily\naccurate or complete for all user situations and, consequently, HP\nwill not be responsible for any damages resulting from user\u0027s use\nor disregard of the information provided in this Bulletin. To the\nextent permitted by law, HP disclaims all warranties, either\nexpress or implied, including the warranties of merchantability\nand fitness for a particular purpose, title and non-infringement.\"\n\n\n(c)Copyright 2006 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or\neditorial errors or omissions contained herein. The information\nprovided is provided \"as is\" without warranty of any kind. To the\nextent permitted by law, neither HP nor its affiliates,\nsubcontractors or suppliers will be liable for incidental, special\nor consequential damages including downtime cost; lost profits;\ndamages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. \nThe information in this document is subject to change without\nnotice. Hewlett-Packard Company and the names of Hewlett-Packard\nproducts referenced herein are trademarks of Hewlett-Packard\nCompany in the United States and other countries. Other product\nand company names mentioned herein may be trademarks of their\nrespective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRHGcseAfOvwtKn1ZEQLsCQCgsfBQfOCJ10fRkLsGaGyKFw52JnIAnj+C\n6Kgv/Lr9cDfmSn3EfBJJW35+\n=u3wT\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-1331"
      },
      {
        "db": "BID",
        "id": "13500"
      },
      {
        "db": "VULHUB",
        "id": "VHN-12540"
      },
      {
        "db": "PACKETSTORM",
        "id": "38718"
      },
      {
        "db": "PACKETSTORM",
        "id": "46611"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2005-1331",
        "trust": 2.1
      },
      {
        "db": "BID",
        "id": "13480",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "15227",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2005-0455",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912",
        "trust": 0.7
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2005-05-03",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "13500",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-12540",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "38718",
        "trust": 0.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#537878",
        "trust": 0.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#882750",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "46611",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12540"
      },
      {
        "db": "BID",
        "id": "13500"
      },
      {
        "db": "PACKETSTORM",
        "id": "38718"
      },
      {
        "db": "PACKETSTORM",
        "id": "46611"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "id": "VAR-200505-0350",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12540"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-09-19T21:14:53.369000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://remahl.se/david/vuln/010/"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2005/may/msg00001.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/13480"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/15227"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2005/0455"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2005/0455"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/397489"
      },
      {
        "trust": 0.1,
        "url": ""
      },
      {
        "trust": 0.1,
        "url": "http://remahl.se/david/vuln/010/\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://remahl.se/david/vuln/012/\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://remahl.se/david/vuln/011/\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://docs.info.apple.com/article.html?artnum=301528\u003e."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1342"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1341"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1331"
      },
      {
        "trust": 0.1,
        "url": "http://remahl.se/david/vuln/004/\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1337"
      },
      {
        "trust": 0.1,
        "url": "http://remahl.se/david/vuln/\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026"
      },
      {
        "trust": 0.1,
        "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/537878"
      },
      {
        "trust": 0.1,
        "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
      },
      {
        "trust": 0.1,
        "url": "http://itrc.hp.com"
      },
      {
        "trust": 0.1,
        "url": "http://h30046.www3.hp.com/subsignin.php"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/882750"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12540"
      },
      {
        "db": "BID",
        "id": "13500"
      },
      {
        "db": "PACKETSTORM",
        "id": "38718"
      },
      {
        "db": "PACKETSTORM",
        "id": "46611"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-12540"
      },
      {
        "db": "BID",
        "id": "13500"
      },
      {
        "db": "PACKETSTORM",
        "id": "38718"
      },
      {
        "db": "PACKETSTORM",
        "id": "46611"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-05-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-12540"
      },
      {
        "date": "2005-05-03T00:00:00",
        "db": "BID",
        "id": "13500"
      },
      {
        "date": "2005-07-15T06:39:33",
        "db": "PACKETSTORM",
        "id": "38718"
      },
      {
        "date": "2006-05-24T08:55:30",
        "db": "PACKETSTORM",
        "id": "46611"
      },
      {
        "date": "2005-05-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      },
      {
        "date": "2005-05-04T04:00:00",
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-12540"
      },
      {
        "date": "2009-07-12T14:06:00",
        "db": "BID",
        "id": "13500"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      },
      {
        "date": "2011-03-08T02:21:38.047000",
        "db": "NVD",
        "id": "CVE-2005-1331"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "46611"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS X AppleScript Editor code confusing vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-912"
      }
    ],
    "trust": 0.6
  }
}

ghsa-6qxm-23hq-hvpc

Vulnerability from github

Published

2022-05-01 01:57

Modified

2025-04-03 04:12

Details

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-1331"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-05-04T04:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.",
  "id": "GHSA-6qxm-23hq-hvpc",
  "modified": "2025-04-03T04:12:39Z",
  "published": "2022-05-01T01:57:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1331"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://remahl.se/david/vuln/010"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/15227"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/13480"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/0455"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2005-1331

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.

Aliases

CVE-2005-1331

Aliases

CVE-2005-1331

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-1331",
    "description": "The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.",
    "id": "GSD-2005-1331"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-1331"
      ],
      "details": "The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.",
      "id": "GSD-2005-1331",
      "modified": "2023-12-13T01:20:11.033209Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-1331",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "13480",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/13480"
          },
          {
            "name": "15227",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/15227"
          },
          {
            "name": "ADV-2005-0455",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2005/0455"
          },
          {
            "name": "http://remahl.se/david/vuln/010/",
            "refsource": "MISC",
            "url": "http://remahl.se/david/vuln/010/"
          },
          {
            "name": "APPLE-SA-2005-05-03",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:applescript:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1331"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://remahl.se/david/vuln/010/",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://remahl.se/david/vuln/010/"
            },
            {
              "name": "APPLE-SA-2005-05-03",
              "refsource": "APPLE",
              "tags": [
                "Patch"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
            },
            {
              "name": "13480",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/13480"
            },
            {
              "name": "15227",
              "refsource": "SECUNIA",
              "tags": [
                "Patch"
              ],
              "url": "http://secunia.com/advisories/15227"
            },
            {
              "name": "ADV-2005-0455",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/0455"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-03-08T02:21Z",
      "publishedDate": "2005-05-04T04:00Z"
    }
  }
}

Action not permitted

cve-2005-1331

Vulnerability from cvelistv5

var-200505-0350

Vulnerability from variot

HP-UX B.11.00

HP-UX B.11.11

HP-UX B.11.23

ghsa-6qxm-23hq-hvpc

Vulnerability from github

gsd-2005-1331

Vulnerability from gsd

Tags