RCE in Apple Mac_os_x

CVE-2008-0039

Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary commands via a crafted file:// URL.

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.032 (86.7th percentile) — read the EPSS interpretation.

Affected products

Apple Mac_os_x — versions 10.4.11
Apple Mail
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

References

cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (US Government Resource, x_refsource_CERT, third-party-advisory)
cve@mitre.org (vendor-advisory, x_refsource_APPLE, Patch)