- Update on multiple Mac OS X and Safari Vulnerabilities
- Posted by MacSecurityNews on April 22nd, 2006
These have all been reported on earlier in the year. However, it seems
as though Tom Ferris's discoveries are getting some new coverage
lately. These are all unpatched vulnerabilities...and Proof-of-concept
code is available for all but one of them.
Apple OS X 10.4.5 .tiff "LZWDecodeVector ()" Heap Overflow
Apple OS X BOM ArchiveHelper .zip Heap Overflow
Apple OS X Safari 2.0.3 Multiple Vulnerabilities
Apple OS X 10.4.6 "ReadBMP ()" .bmp Heap Overflow
Apple OS X 10.4.6 "CFAllocatorAllocate ()" .gif Heap Overflow
Apple OS X 10.4.6 .tiff "_cg_TIFFSetField ()" DoS
Apple OS X 10.4.6 .tiff "PredictorVSetField ()" Heap Overflow
More details available at http://www.macsecuritynews.com
Similar Posts
- Using TSWEB on Safari on Mac OS (Working Remotely) by Amar
- Microsoft Office Multiple Remote Code Execution Vulnerabilities (Computers & Technology) by Au79
- Multiple Vulnerabilities in Kerio Products (Software & Applications) by ¿
- For Safari 1.3 users (Graphics & Designing) by Davide Montellanico
- CERT Advisory CA-2003-22 Multiple Vulnerabilities in Microsoft Internet Explorer (Computers & Technology) by Boomer
