Unrated severityNVD Advisory· Published Aug 6, 2009· Updated Jun 16, 2026
CVE-2009-1727
CVE-2009-1727
Description
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
- (no CPE)range: >=10.5, <10.5.8
cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
8- lists.apple.com/archives/security-announce/2009/Aug/msg00001.htmlnvdPatchVendor Advisory
- support.apple.com/kb/HT3757nvdPatchVendor Advisory
- www.securityfocus.com/bid/35954nvdPatch
- www.vupen.com/english/advisories/2009/2172nvdPatchVendor Advisory
- secunia.com/advisories/36096nvdVendor Advisory
- www.us-cert.gov/cas/techalerts/TA09-218A.htmlnvdUS Government Resource
- osvdb.org/56844nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/52420nvd
News mentions
0No linked articles in our index yet.