CVE-2008-1000

N/A Unknown

Published: March 18, 2008 Modified: April 23, 2026

Description

Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://docs.info.apple.com/article.html?artnum=307562

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Source: cve@mitre.org

http://secunia.com/advisories/29420

Source: cve@mitre.org

http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=2189

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/489786/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/28278

Source: cve@mitre.org

http://www.securitytracker.com/id?1019660

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0924/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41278

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=307562