Vulnerabilities / Threats
1/8/2010
02:52 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Mac OS X Vulnerability Posted

The vulnerability is a variant of an issue raised last summer.

Proof of concept exploit code was posted today by a security researcher at SecurityReason to demonstrate a vulnerability in versions 10.5 and 10.6 of Apple's Mac OS X operating system.

The vulnerability is a potential buffer overflow error arising from the use of the strtod function Mac OS X's underlying Unix code. It was first reported by researcher Maksymilian Arciemowicz last June.

SecurityReason's advisory describes a flaw in the libc/gdtoa code in OpenBSD, NetBSD, FreeBSD, and MacOS X, as well as Google Chrome, Mozilla Firefox and other Mozilla software, Opera, KDE, and K-Meleon.

SecurityReason's advisory rates the vulnerability's risk as "high" and claims that the flaw can be exploited by a remote attacker.

A spokesperson for SecurityReason wasn't immediately available to characterize the likelihood that this vulnerability could be exploited.

The vulnerability was addressed in FreeBSD and NetBSD last last summer.

And shortly thereafter Google and Mozilla, among other vendors, did the same.

But Apple apparently has not yet updated its software to incorporate the fix.

Apple did not immediately respond to a request for comment.

In their respective predictions for 2010, computer security companies Symantec, Websense, and Zscaler all said that they foresaw more attacks being directed at Macs and other Apple devices this year.

To some extent, such predictions represent wishful thinking. But Mac users should give some thought to security, if only in terms of using the built-in Mac OS X firewall and exercising caution in the Web sites they visit and the e-mail messages they open.

Some of the most serious security issues computer users face have to do with Web software and cross-platform software, like Adobe's Acrobat and Acrobat Reader.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5110
Published: 2014-08-29
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

CVE-2012-1503
Published: 2014-08-29
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.

CVE-2013-5467
Published: 2014-08-29
Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM)...

CVE-2014-0600
Published: 2014-08-29
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

CVE-2014-0888
Published: 2014-08-29
IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.