Unrated severityNVD Advisory· Published Jul 7, 2004· Updated Apr 16, 2026

CVE-2004-0489

Description

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.

Affected products

Apple Inc./Mac Os X
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Range: <=10.3.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.insecure.ws/article.phpnvdExploitVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/16242nvdThird Party AdvisoryVDB Entry
lists.grok.org.uk/pipermail/full-disclosure/2004-May/021871.htmlnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.011
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000