Vulnerability Note VU#258744
Apple Mac OS X Finder fails to properly handle malformed .DS_Store files
Apple Finder fails to properly handle malformed .DS_Store files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.
.DS_Store files are hidden files used by Apple Finder to control the display of a folder and its contents.
According to Apple Security Advisory 2006-007:
A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user running Apple Finder.
Apply Apple Updates
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple Computer, Inc.||Affected||-||29 Nov 2006|
CVSS Metrics (Learn More)
This vulnerability was reported in Apple Security Update 2006-007.
This document was written by Jeff Gennari based on information from Apple.
- CVE IDs: CVE-2006-4402
- Date Public: 28 Nov 2006
- Date First Published: 29 Nov 2006
- Date Last Updated: 30 Nov 2006
- Severity Metric: 26.32
- Document Revision: 31
If you have feedback, comments, or additional information about this vulnerability, please send us email.