Apple Mac OS X Launch Services Remote Security Bypass Vulnerability
Apple Mac OS X is prone to a remote security-bypass vulnerability that affects the Launch Services API.
An attacker can exploit this issue by enticing a user to download a malicious file and launch it without being warned. Successful exploits may bypass the security feature that displays a warning dialog box before executing malicious files from the quarantined directory.
This issue affects the following:
Mac OS X 10.6 and 10.6.1
Mac OS X Server 10.6 and 10.6.1
NOTE: This issue was previously covered in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.