Short Name |
HTTP:MISC:MAC-COMM-EXEC |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Apple Mac OS X Archive Metadata Command Execution |
Release Date |
2015/06/09 |
Update Number |
2503 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Apple MAC. A successful exploit can lead to remote command execution.
Apple Mac OS X is prone to an arbitrary command-execution vulnerability when processing metadata in archive files. Commands would be executed in the context of the user opening the archive file. Attackers can reportedly use Safari and Apple Mail as exploitation vectors for this vulnerability. Mac OS X 10.4.5 is reported to be vulnerable. Earlier versions may also be affected.