APPLE-SA-2009-09-10-2 Security Update 2009-005
Apple Security Update 2009-090-10-2 addresses multiple vulnerabilities that span all versions of OSX Client and Server. A buffer overflow existed in the Alias Manager which allowed a maliciously crafted alias file to terminate an application or execute arbitrary code. This is addressed by using improved bounds checking.
CoreGraphics could be exploited by either an integer overflow or heap buffer overflow which could lead to application termination or arbitrary code execution. In a chained case (interger overflow+heap buffer overflow) this could lead to an attacker using JBIG2 files embedded in PDF to trigger an application failure or execute malicious code.
CUPS (Common UNIX Printing System : see :http://localhost:631) have been updated to eliminate the possibility of an unprivileged user using the CUPS USB backend to gain root access. In addition validation is improved by preventing maliciously crafted scheduler requests from gaining access to print sharing services.
The update also updates the Flash Player Plug-in, it is recommended that users and administrator supdate theri flash and set Flash to check for updates to weekly, see magmatic.com articles. Users can check and set their Flash preferences using the following links:
- http://kb2.adobe.com/cps/155/tn_15507.html
- http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
PixarFilm encoded TIFF validation processhas been improved to eliminate memory corruption issues in ImageIO. Common vulnerabilities have been addressed in Wiki Server, MySql and PHP on Client and Server. The cross site scripting vulnerability in the Wiki Server has been fixed by setting UTF-8 as the default character set in HTTP responses.
Mac OSX server updates also include patches to ClamAV, CarbonCore, ColorSync, Launch Services and SMB. In the case of SMB services an unchecked error condition existed that allowed a user without a home directory configured to access the file system with local file system privileges.
Reader Comments