This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
Current Description
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows remote attackers to execute arbitrary code on Windows by leveraging an untrusted search path vulnerability in (a) Internet Explorer 7 on Windows XP or (b) the SearchPath function in Windows XP, Vista, and Server 2003 and 2008, aka a "Carpet Bomb" and a "Blended Threat Elevation of Privilege Vulnerability," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because the Microsoft products can load application libraries from the desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows remote attackers to execute arbitrary code on Windows by leveraging an untrusted search path vulnerability in (a) Internet Explorer 7 on Windows XP or (b) the SearchPath function in Windows XP, Vista, and Server 2003 and 2008, aka a "Carpet Bomb" and a "Blended Threat Elevation of Privilege Vulnerability," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because the Microsoft products can load application libraries from the desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.
NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also display any CVSS information provided within the CVE List from the CNA.
Note: NVD Analysts have not published a CVSS score for this CVE at this time. NVD Analysts use publicly available information at the time of analysis to associate CVSS vector strings.
NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also display any CVSS information provided within the CVE List from the CNA.
Note: NVD Analysts have published a CVSS score for this CVE based on publicly available information at the time of analysis. The CNA has not provided a score within the CVE List.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to nvd@nist.gov.
AND
OR
*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 3.1.2
OR
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:pro:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:home:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:pro:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:home:*:*
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:pro:x64:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:home:*:*:*:*:*
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:pro:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:home:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:pro:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:home:*:*
Changed
Reference Type
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html Third Party Advisory
Apple Safari en Mac OS X y en versiones anteriores a 3.1.2 en Windows, no apunta al usuario después de descargar un objeto que tiene un tipo de contenido no reconocido, lo que permite a atacantes remotos incluir malware dentro de (1) el directorio Desktop en Windows o (2) el directorio Downloads en Mac OS X, y posteriormente permite a atacantes remotos ejecutar código arbitrario en Windows aprovechando una vulnerabilidad de ruta de búsqueda no confiable en (a) Internet Explorer 7 en Windows XP o
Apple Safari no pide confirmación al usuario antes de descargar un objeto que tiene un tipo de contenido no reconocido, lo cual permite a atacantes remotos guardar código malicioso dentro de (1) Desktop directory en Windows o (2) Downloads directory en Mac OS X, también conocido como un "Fichero Bomba," una cuestión diferente a CVE-2008-1032.
NOTA: Apple informa que ha declarado que "nosotros no tratamos esto como un problema de seguridad".
NOTA: Microsoft describe la cuestión en la plataforma
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c
Changed
Reference Type
http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx No Types Assigned
http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx Third Party Advisory
Changed
Reference Type
http://blogs.zdnet.com/security/?p=1230 No Types Assigned
http://blogs.zdnet.com/security/?p=1230 Third Party Advisory
Changed
Reference Type
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html No Types Assigned
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html Third Party Advisory
Changed
Reference Type
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5782 No Types Assigned
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5782 Broken Link
Changed
Reference Type
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6108 No Types Assigned
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6108 Broken Link
Changed
Reference Type
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8509 No Types Assigned
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8509 Broken Link
