Title: MacOS 9.2 Local Internet Explorer Helper Application Vulnerability
Severity: MODERATE
Description:
A vulnerability exists in Mac OS 9.2 that may allow a local attacker to use Internet Explorer to access restricted applications.
Internet Explorer can be configured to use any program as a Helper Application. Normal use of Helper Applications may allow a user to use Internet Explorer to view PDF files by creating a Helper Application for Adobe Acrobat. However, this functionality can be used maliciously as well. The problem is that Helper Applications will still be executed regardless of the access controls put in place to restrict the execution of said applications. Therefore, a malicious user can create a Helper Application that causes a restricted program to be executed.
This issue may result in a local attacker gaining elevated privileges.
Since Netscape also has the same Helper Application functionality, it may be possible to use it in the same manner. Though this is unconfirmed.
Affected Products:
- Apple Mac OS 9 9.2.1
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
