Lucene search

MitreCVE-2005-2522

HistoryAug 19, 2005 - 4:00 a.m.

CVE-2005-2522

2005-08-1904:00:00

mitre

web.nvd.nist.gov

cve-2005-2522

safari

webkit

mac os x

pdf

security vulnerability

remote code execution

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

9.6

Confidence

High

EPSS

0.018

Percentile

88.4%

JSON

Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.

Affected configurations

Nvd

Node

applesafari

Node

applemac_os_xMatch10.4

applemac_os_xMatch10.4.1

applemac_os_xMatch10.4.2

VendorProductVersionCPE
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
applemac_os_x10.4cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
applemac_os_x10.4.1cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
applemac_os_x10.4.2cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	safari	*	cpe:2.3:a:apple:safari::::::::
apple	mac_os_x	10.4	cpe:2.3:o:apple:mac_os_x:10.4:::::::*
apple	mac_os_x	10.4.1	cpe:2.3:o:apple:mac_os_x:10.4.1:::::::*
apple	mac_os_x	10.4.2	cpe:2.3:o:apple:mac_os_x:10.4.2:::::::*

References

lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

www.kb.cert.org/vuls/id/420316

www.us-cert.gov/cas/techalerts/TA05-229A.html

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

9.6

Confidence

High

EPSS

0.018

Percentile

88.4%

JSON

Related for CVE-2005-2522