Directory traversal vulnerability in mod_hfs_apple in Apple Mac OS X (Mac OS X)| ID: oval:org.secpod.oval:def:13781 | Date: (C)2013-05-28 (M)2024-02-19 |
| Class: VULNERABILITY | Family: macos |
The host is installed with Apple Mac OS X or Apple Mac OS X Server 10.6.8, 10.7 through 10.7.5, or 10.8 before 10.8.3 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to properly handle URIs with ignorable Unicode character sequences. Successful exploitation could allow attackers to to access directories that are protected with HTTP authentication without knowing the correct credentials
| Platform: |
| Apple Mac OS X 10.6 |
| Apple Mac OS X Server 10.6 |
| Apple Mac OS X 10.7 |
| Apple Mac OS X Server 10.7 |
| Apple Mac OS X 10.8 |
| Apple Mac OS X Server 10.8 |
