vendor: Mac OS X
by: Unknown
CVSS: 7.5 (HIGH)
Arbitrary Code Execution
CWE: Unknown
Product Name: Mac OS X
Affected Version From: Mac OS X 10.5
Affected Version To: Mac OS X 10.5
Patch Exists: NO
Related CWE: CVE-2007-0395
CPE: o:apple:mac_os_x:10.5
Other Scripts:
Platforms Tested:
2007

Arbitrary Code Execution in Apple Mac OS X Mail Application

The vulnerability allows attackers to execute arbitrary code in the context of the user running the Mail application. This can compromise the application and potentially the underlying operating system.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/26510/info

Apple Mac OS X is prone to a vulnerability that can allow arbitrary code to run. This issue affects the Mail application when handling email attachments.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. This will compromise the application and possibly the underlying operating system.

This issue affects Mac OS X 10.5.

NOTE: This vulnerability may be related to CVE-2007-0395 documented in BID 16907 (Apple Mac OS X Security Update 2006-001 Multiple Vulnerabilities). Although the issues seem similar in nature, this may not be the very same underlying vulnerability. We will update this BID as more information emerges.

UPDATE (November 21, 2007): Reports indicate that this issue occurs because of an error in the application's quarantine feature. We have not confirmed this information.

UPDATE (December 17, 2007): This vulnerability stems from an unspecified implementation issue in the Launch Services application.
https://www.securityfocus.com/bid/16907 

/bin/ls -al
echo
echo
echo "heise Security: You are vulnerable."
echo
echo