VYPR

Help Viewer

by Apple Inc.

CVEs (5)

  • CVE-2017-13819MedNov 13, 2017
    risk 0.40cvss 6.1epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for…

  • CVE-2007-0647Feb 1, 2007
    risk 0.03cvss epss 0.03

    Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function.

  • CVE-2009-0943May 13, 2009
    risk 0.00cvss epss 0.04

    Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.

  • CVE-2009-0942May 13, 2009
    risk 0.00cvss epss 0.04

    Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.

  • CVE-2005-1337May 4, 2005
    risk 0.00cvss epss 0.01

    Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.