Arbitrary Command Execution via Safari's RTF File Rendering

Arbitrary Command Execution via Safari's RTF File Rendering

CVE-2005-2516 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.

Learn more about our Web Application Penetration Testing UK.