[macosx-unix] Various Vulnerabilities in the news
Isaac Levy
ike at lesmuug.org
Sat Apr 22 13:23:45 EDT 2006
Hi All,
Below is a link to a fistful of vulnerabilities found in OSX. I'm
reading up myself here to see if it's all worth getting really excited
about...
http://isc.sans.org/diary.php?storyid=1282
> Handler's Diary April 21st 2006
>
> Reports of multiple OS X vulnerabilities with PoC
>
> Published: 2006-04-21,
> Last Updated: 2006-04-21 19:46:40 UTC by Adrien de Beaupre
> (Version: 1)
>
> Multiple vulnerabilities have been reported in Apple Mac OS X and
> applications. Proof of Concept code has already been posted along
> with the information regarding the vulnerabilities. At this time no
> patches or workarounds appear to be available for the majority of
> the vulnerabilities. The impact is Denial of Service or arbitrary
> code executed remotely, and severity is highly critical.
>
> Links to advisories:
>
> Apple OS X 10.4.5 .tiff "LZWDecodeVector ()" Heap Overflow
> http://www.security-protocols.com/sp-x24-advisory.php
>
> Apple OS X BOM ArchiveHelper .zip Heap Overflow
> http://www.security-protocols.com/sp-x25-advisory.php
>
> Apple OS X Safari 2.0.3 Multiple Vulnerabilities
> http://www.security-protocols.com/sp-x26-advisory.php
>
> Apple OS X 10.4.6 "ReadBMP ()" .bmp Heap Overflow
> http://www.security-protocols.com/sp-x27-advisory.php
>
> Apple OS X 10.4.6 "CFAllocatorAllocate ()" .gif Heap Overflow
> http://www.security-protocols.com/sp-x28-advisory.php
>
> Apple OS X 10.4.6 .tiff "_cg_TIFFSetField ()" DoS
> http://www.security-protocols.com/sp-x29-advisory.php
>
> Apple OS X 10.4.6 .tiff "PredictorVSetField ()" Heap Overflow
> http://www.security-protocols.com/sp-x30-advisory.php
>
> Cheers,
> Adrien
Best,
.ike