CVE-2005-1331
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/05/2005
Last modified:
03/04/2025
Description
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
Impact
Base Score 2.0
5.10
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:apple:applescript:2.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
- http://remahl.se/david/vuln/010/
- http://secunia.com/advisories/15227
- http://www.securityfocus.com/bid/13480
- http://www.vupen.com/english/advisories/2005/0455
- http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
- http://remahl.se/david/vuln/010/
- http://secunia.com/advisories/15227
- http://www.securityfocus.com/bid/13480
- http://www.vupen.com/english/advisories/2005/0455