CVE-2008-0052

Published: Mar 18, 2008Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.

Affected (2)

Products: Apple: Mac Os X, Mac Os X Server

Apple

2 products

Mac Os X

Mac Os X Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.4.11
Apple Mac Os X Server	Version 10.4.11

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (18)

http://docs.info.apple.com/article.html?artnum=307562

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Source: cve@mitre.org

Patch

http://secunia.com/advisories/29420

Source: cve@mitre.org

http://www.securityfocus.com/bid/28304

Source: cve@mitre.org

http://www.securityfocus.com/bid/28384

Source: cve@mitre.org

http://www.securitytracker.com/id?1019671

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA08-079A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2008/0924/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41312

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=307562