bofors Posted November 22, 2006 Share Posted November 22, 2006 Security firm Secunia has posted an advisory about a potential Mac OS X UDIF Memory Corruption Vulnerability. The original source of the report states that the vulnerability is present on a fully-patched Intel-based Mac. The report states: “The vulnerability is caused due to an error in com.apple.AppleDiskImageController when handling corrupted DMG image structures. This can be exploited to cause a memory corruption and may allow execution of arbitrary code in kernel-mode.” This vulnerability “potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system,” according to Secunia. http://news.yahoo.com/s/macworld/20061121/...secunia20061121 http://secunia.com/advisories/23012/ Link to comment https://www.insanelymac.com/forum/topic/33924-critical-os-x-security-bug/ Share on other sites More sharing options...
Timyang Posted November 22, 2006 Share Posted November 22, 2006 http://arstechnica.com/journals/apple.ars/2006/11/22/6060 it causes a kernel panic? Link to comment https://www.insanelymac.com/forum/topic/33924-critical-os-x-security-bug/#findComment-240161 Share on other sites More sharing options...
A Nonny Moose Posted November 23, 2006 Share Posted November 23, 2006 This is why you should uncheck the Safari setting to open "safe" files. Actually, it should have been turned off by default. Link to comment https://www.insanelymac.com/forum/topic/33924-critical-os-x-security-bug/#findComment-240300 Share on other sites More sharing options...
trav1085 Posted November 24, 2006 Share Posted November 24, 2006 Mac OS X UDIF Memory Corruption Vulnerability hmmm... This reminds of me of a Windows XP Buffer Overrun that may allow remote code execution... Link to comment https://www.insanelymac.com/forum/topic/33924-critical-os-x-security-bug/#findComment-240935 Share on other sites More sharing options...
Recommended Posts