MAAS History
Entries by drStrangeP0rk (171)

Thursday
Sep102009

Firefox Update 3.5.3 With Flash Version Check

Mozilla has released updates to Firefox which address the following issues, view source articles for details.

  • Crashes with evidence of memory corruption (rv:1.9.1.3/1.9.0.14)
  • TreeColumns dangling pointer vulnerability
  • Location bar spoofing via tall line-height Unicode characters
  • Chrome privilege escalation with FeedWriter
  • Flash Version Check

Mozilla has incorporated a Flash Version Check to ensure that the latest version of Flash is running for Firefox users. In addition I recommend the NoScript plug-in to get control of scripts from various sites. Users can apply this update by selecting "Check for Updates" or going to the direct download page at http://www.mozilla.com/en-US/firefox/firefox.html

Wednesday
Sep092009

QuickTime 7.6.4 Update

APPLE-SA-2009-09-09-2 QuickTime 7.6.4 addresses various CVE-IDs related to QuickTime on Mac OSX and Windows by improving bounds checking. This includes memory corruption in QuickTime's handling of H.264 movie files, a heap buffer overflow in the way QuickTime handles FlashPix images, and buffer overflow issues related to MPEG-4. Because of the poor bounds checking, these vulnerabilities can cause an application crash, arbitrary code execution and possible escalation of privileges.

Wednesday
Sep092009

iPhone OS 3.1 and iPhone OS 3.1.1 for iPod Touch

The following CVE-ID issues have been addressed and fixed:

  • A heap overflow in the handling of AAC or MP3 files could lead to DoS or arbitrary code execution.
  • The "Require Passcode" setting on the iPhone did not sync with the "Maximum inactivity time lock" policy from Exchange servers. This created a window in which a user with physical access to the device could gain access, even to Exchange services.
  • Spotlight search would allow access to deleted email messages.
  • A heap buffer overflow in Recovery Mode allowed for passcode bypass. This could allow someone with physical access to the device to gain access.
  • Maliciously crafted SMS messages exploiting null pointer dereference issues could lead to a DoS.
  • The Undo Manager allowed deleted password characters to become visible.
  • User names and passwords in the original URL could be disclosed to linked sites through the referrer header.
  • WebKit's handling of numeric character references could corrupt memory, which could allow a maliciously crafted website to terminate the application or execute arbitrary code.
  • WebKit's handling of the parent and top objects could be exploited in a cross-site scripting attack.
  • Look-alike characters could be created using International Domain Name (IDN) support and Unicode fonts.

Thursday
Sep032009

Java for Mac OSX 10.5 Update 5

Apple-SA-2009-09-03-1 Java Update 5 addresses various CVE-IDs for Mac OSX 10.5 clients and servers running the following Java versions:

  • Java 1.6.0_13 had serious vulnerabilities including allowing an untrusted Java Applet to elevate privileges
  • Java 1.5.0_19 had serious vulnerabilities including allowing an untrusted Java Applet to elevate privileges
  • Java 1.4.2_21 had serious vulnerabilities including allowing an untrusted Java Applet to elevate privileges

In addition, CVE-2009-2205 relates to a stack buffer overflow in the command launcher in Java Web Start, which could result in an unexpected application termination or arbitrary code execution. This update will require a restart.

If you manually installed Java, or want to download the update yourself, it can be found at the following link: http://support.apple.com/downloads/

Tuesday
Sep012009

Snow Leopard Client defaults to 32-Bit Kernel

Mac OSX 10.6 includes 64-bit versions of various applications, but the default kernel setting is to boot into 32-bit mode. To boot the 64-bit kernel, users have to hold down the "6" and "4" keys at boot time. (Holding "3" and "2" will cause 10.6 to boot back into 32-bit mode.) On OSX 10.6 Server the kernel boots into 64-bit mode by default. To make the change permanent, users need to edit com.apple.Boot.plist and change the configuration. There is also an issue with older MacBooks only recognizing 3 GB of RAM out of 4 GB if they are equipped with the 32-bit EFI chip. Apple states that many of the features are not completely ready yet; as they become available they will be incorporated into updates. Their goal is to provide a stable transition to a truly 64-bit platform. The Finder, Mail, Safari, TextEdit and Preview are all 64-bit, along with Mac OSX Server.

To check your EFI, enter the following command in the Terminal:

ioreg -l -p IODeviceTree | grep firmware-abi

The result should be the following (EFI64 means the firmware can boot the 64-bit kernel):

| |   "firmware-abi" = <"EFI64">

Now you can edit com.apple.Boot.plist, changing the value of the Kernel Flags key. Note that plist key names are case-sensitive, so the key must read "Kernel Flags" exactly.

<!-- default 32-bit mode -->
<key>Kernel Flags</key>
<string></string>

Change that to:

<!-- 64-bit mode -->
<key>Kernel Flags</key>
<string>arch=x86_64</string>
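As an added worked example (not part of the original post), the following Python script carries out the two steps above without hand-editing XML: it parses the ioreg output for the firmware ABI, refuses to select the 64-bit kernel on a 32-bit EFI, and rewrites the Kernel Flags key with plistlib so the file stays well-formed and the key name stays case-correct. The plist path, the sample ioreg line and the sample plist contents are assumptions constructed for the demo.

```python
import plistlib
import re
import subprocess

# Standard location of the boot configuration on Mac OS X 10.6 (assumed path).
BOOT_PLIST = "/Library/Preferences/SystemConfiguration/com.apple.Boot.plist"

# Constructed sample of what `ioreg -l -p IODeviceTree | grep firmware-abi` prints.
SAMPLE_IOREG_OUTPUT = '    | |   "firmware-abi" = <"EFI64">\n'

# Constructed samples of com.apple.Boot.plist: the default, and one with extra flags.
SAMPLE_PLIST = plistlib.dumps({"Kernel": "mach_kernel", "Kernel Flags": ""})
SAMPLE_PLIST_VERBOSE = plistlib.dumps({"Kernel": "mach_kernel", "Kernel Flags": "-v arch=i386"})


def firmware_abi(ioreg_output):
    """Return 'EFI32' or 'EFI64' parsed from ioreg output, or None if absent."""
    m = re.search(r'"firmware-abi"\s*=\s*<"(EFI32|EFI64)">', ioreg_output)
    return m.group(1) if m else None


def read_firmware_abi():
    """Query the live machine; only works on a Mac, where ioreg exists."""
    out = subprocess.run(["ioreg", "-l", "-p", "IODeviceTree"],
                         capture_output=True, text=True, check=True).stdout
    return firmware_abi(out)


def set_kernel_arch(plist_bytes, arch):
    """Return the plist with 'Kernel Flags' set to arch=<arch> (None clears it).
    The key is case-sensitive ('Kernel Flags', not 'kernel Flags'); other flags
    already present, such as -v, are preserved and any old arch= token replaced."""
    cfg = plistlib.loads(plist_bytes)
    flags = [t for t in cfg.get("Kernel Flags", "").split() if not t.startswith("arch=")]
    if arch:
        flags.append("arch=" + arch)
    cfg["Kernel Flags"] = " ".join(flags)
    return plistlib.dumps(cfg)


def kernel_flags(plist_bytes):
    """Read back the 'Kernel Flags' string from a plist."""
    return plistlib.loads(plist_bytes).get("Kernel Flags", "")


if __name__ == "__main__":
    # A 10.6 client with a 32-bit EFI cannot boot the 64-bit kernel, so stop there.
    if firmware_abi(SAMPLE_IOREG_OUTPUT) != "EFI64":
        raise SystemExit("32-bit EFI: keep the default 32-bit kernel")
    print(kernel_flags(set_kernel_arch(SAMPLE_PLIST, "x86_64")))  # arch=x86_64
    # On the real machine, as root: write set_kernel_arch(open(BOOT_PLIST,"rb").read(), "x86_64") back to BOOT_PLIST.
```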