MAAS History
Archives
« Private Browsing is Not Always Private | Main | Safari Updates Address Security Concerns »
Monday
Dec152008

OSX Update 10.5.6

DateMonday, December 15, 2008 at 10:38PM

Apple has release an update that addresses about 21 security issues that can be exploited in a variety of ways. If you are using egress filtering between groups/departments the effects of local attacks may be contained but it it recommended to install the update for your particular system. Popular exploitation delivery includes directing a user to a web site or sending a corrupt image to be viewed locally. This can in the worst case result in the execution of code and hijacking the entire system. 

Overview

 

  • Heap buffer overflow in CoreGraphics.
  • Flash Plug-in Vulnerabilities which are web directed exploits. 
  • CoreServices credential hijack vulnerability. 

 

These can result in:

 

  • Session fixation attack.
  • Denial of Service.
  • Elevation of privilege.

 

 

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in

PrintView Printer Friendly Version

EmailEmail Article to Friend

References (1)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.
Member Account Required
You must have a member account on this website in order to post comments. Log in to your account to enable posting.