• Mail.app Image Attachment Command Execution
    Disclosure Date: 2006-03-01
    First seen: 2020-04-26
    exploit/osx/email/mailapp_image_exec
    This module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5. Authors: - hdm <x@hdm.io> - kf <kf_list@digitalmunition.com>
  • Safari Archive Metadata Command Execution
    Disclosure Date: 2006-02-21
    First seen: 2020-04-26
    exploit/osx/browser/safari_metadata_archive
    This module exploits a vulnerability in Safari's "Safe file" feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility. Authors: - hdm <x@hdm.io>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!