Apple Mac OS X AppleScript Editor Code Obfuscation Vulnerability
BID:13500
Info
| Bugtraq ID: | 13500 |
| Class: | Input Validation Error |
| CVE: | CVE-2005-1331 |
| Remote: | Yes |
| Local: | No |
| Published: | May 03 2005 12:00AM |
| Updated: | Jul 12 2009 02:06PM |
| Credit: | Discovered by David Remahl. |
| Vulnerable: | Dead Pirate Software SimpleCam 1.2; Apple Mac OS X Server 10.3.9; Apple Mac OS X Server 10.3.8; Apple Mac OS X Server 10.3.7; Apple Mac OS X Server 10.3.6; Apple Mac OS X Server 10.3.5; Apple Mac OS X Server 10.3.4; Apple Mac OS X Server 10.3.3; Apple Mac OS X Server 10.3.2; Apple Mac OS X Server 10.3.1; Apple Mac OS X Server 10.3; Apple Mac OS X 10.3.9; Apple Mac OS X 10.3.8; Apple Mac OS X 10.3.7; Apple Mac OS X 10.3.6; Apple Mac OS X 10.3.5; Apple Mac OS X 10.3.4; Apple Mac OS X 10.3.3; Apple Mac OS X 10.3.2; Apple Mac OS X 10.3.1; Apple Mac OS X 10.3 |
| Not Vulnerable: | Dead Pirate Software SimpleCam 1.3 |
Discussion
The Mac OS X AppleScript editor is prone to a code obfuscation vulnerability. Scripts created using the applescript: URI mechanism could display code that differs from the code that will actually execute if the script is downloaded, compiled, and run.
This issue was initially reported in BID 13480 (Apple Mac OS X Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a new BID.
Exploit / POC
A proof of concept is available at the following location:
http://remahl.se/david/vuln/010/demo.html
Solution / Fix
Solution:
Apple has released an advisory (APPLE-SA-2005-05-03) to address this issue. Please see the referenced advisory for more information.
Dead Pirate Software SimpleCam 1.2
- Dead Pirate Software simplecam.zip
  http://simplecam.fileburst.com/simplecam.zip
Apple Mac OS X 10.3.9
- Apple SecUpd2005-005Pan.dmg
  http://www.apple.com/support/downloads/securityupdate2005005client.html
Apple Mac OS X Server 10.3.9
- Apple SecUpdSrvr2005-005Pan.dmg
  http://www.apple.com/support/downloads/securityupdate2005005server.html
References
References:
- Invisible characters in applescript: URL protocol messaging vulnerability (David Remahl)
- Vendor Home Page (Apple)
- Advisories for 4 vulnerabilities addressed by Apple SU 2005-005 (David Remahl)