The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension.
Published 2006-02-22 23:02:00
Updated 2017-07-20 01:30:07
Source MITRE

Exploit prediction scoring system (EPSS) score for CVE-2006-0848

Probability of exploitation activity in the next 30 days: 97.47%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 %

Metasploit modules for CVE-2006-0848

  • Safari Archive Metadata Command Execution
    Disclosure Date: 2006-02-21
    First seen: 2020-04-26
    exploit/osx/browser/safari_metadata_archive
    This module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should b

CVSS scores for CVE-2006-0848

Base Score 5.1
Base Severity MEDIUM
CVSS Vector AV:N/AC:H/Au:N/C:P/I:P/A:P
Exploitability Score 4.9
Impact Score 6.4
Score Source NIST

CWE ids for CVE-2006-0848

  • Assigned by: nvd@nist.gov (Primary)

References for CVE-2006-0848

Products affected by CVE-2006-0848
