Remote File Reading Vulnerability in Apple Keynote by Apple
CVE-2005-1408

Currently unrated

Key Information:

Vendor: Apple
Status: Keynote
Vendor: CVE Published:; 26 May 2005

What is CVE-2005-1408?

Apple Keynote versions 2.0 and 2.0.1 are affected by a vulnerability that allows remote attackers to exploit the keynote: URI handler, enabling them to read arbitrary files from a target system by delivering a specially crafted Keynote presentation. This flaw poses significant risks, as it can lead to unauthorized information disclosure without user interaction. It is crucial for users to ensure they are using secure versions of the software and to exercise caution when opening presentations from untrusted sources.

References

http://secunia.com/advisories/15508

third-party-advisoryx_refsource_SECUNIA

http://lists.apple.com/archives/security-announce/2005/Ma...

vendor-advisoryx_refsource_APPLE

http://remahl.se/david/vuln/016/

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2005
Vulnerability Reserved
May 3, 2005