CVE-2004-0489

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute…

mitre·CWE-88·Published 2004-05-28

CVSS

—

EPSS

0.07

KEV

Exploits

cve.orgen

227 chars

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.

NVDen

227 chars

NVDes

260 chars

Vulnerabilidad de inyección de argumentos en el manejador de URI SSH de Safari sobre Mac OS 10.3.3 y anteriores permite a atacantes remotos (1) ejecutar código de su elección mediante la opción ProxyCommand o (2) hacer reenvío de puertos mediante la opción -R.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.6	4.9	10.0	AV:N/AC:H/Au:N/C:C/I:C/A:C