CVE-2006-0388

macOS 10.3-10.4.4 - Remote Code Execution via Safari HTTP Redirection

Title source: llm
STIX 2.1

Description

Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.

References (8)

Core 8
Core References
Vendor Advisory x_refsource_confirm
http://docs.info.apple.com/article.html?artnum=303382
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19064
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16907
Patch vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015713
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0791
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-062A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25038

Scores

EPSS 0.0077
EPSS Percentile 51.3%

Details

CWE
CWE-94
Status published
Products (32)
apple/mac_os_x 10.3
apple/mac_os_x 10.3.1
apple/mac_os_x 10.3.2
apple/mac_os_x 10.3.3
apple/mac_os_x 10.3.4
apple/mac_os_x 10.3.5
apple/mac_os_x 10.3.6
apple/mac_os_x 10.3.7
apple/mac_os_x 10.3.8
apple/mac_os_x 10.3.9
... and 22 more
Published Mar 03, 2006
Tracked Since Feb 18, 2026