VYPR
Unrated severityNVD Advisory· Published Dec 19, 2007· Updated Jun 16, 2026

CVE-2007-5854

CVE-2007-5854

Description

Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, which allows attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via a crafted HTML file.

Affected products

3
  • cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
    • (no CPE)range: 10.4.11, 10.5.1

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.