Closed
Bug 243873
Opened 20 years ago
Closed 20 years ago
Seem to be able to launch Help.app and run a script with a URL like 'help:runscript=...',
Categories
(Camino Graveyard :: OS Integration, defect)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 243699
People
(Reporter: mark, Assigned: mikepinkerton)
Details
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8a) Gecko/20040517 Camino/0.7+ Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8a) Gecko/20040517 Camino/0.7+ I was reading apple.slashdot.org (see url in additional information) and Camino seems to be able to run "help:runscript=...'" like help:runscript=../../Scripts/Info Scripts/Current Date & Time.scpt Reproducible: Always Steps to Reproduce: 1.Paste URL:"help:runscript=../../Scripts/Info Scripts/Current Date & Time.scpt" 2.Press return Actual Results: See Date and time in help app. I read about "vulnerability has been found in Mac OS X's Safari, which will launch Help.app and run an arbitrary script with a URL like 'help:runscript=...', " http://apple.slashdot.org/apple/04/05/17/1646216.shtml?tid=126&tid=172&tid=179&tid=185&tid=190 and "Serious Security Flaw in Mac OS X/Safari/Help Viewer" http://forums.macnn.com/showthread.php?%20s=&threadid=213043&perpage=50&pagenumber=1
|
Assignee | |
Comment 1•20 years ago
|
||
this should have been fixed by 243699, reporter can you verify? *** This bug has been marked as a duplicate of 243699 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Summary: Seem to be able to launch Help.app and run a script with a URL like 'help:runscript=...', → Seem to be able to launch Help.app and run a script with a URL like 'help:runscript=...',
|
Reporter | |
Comment 2•20 years ago
|
||
Tested "help:runscript=../../Scripts/Info Scripts/Current Date & Time.scpt" with 0.8b 2004051715 - date and time still show.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•