Apple ColorSync heap overflow
Apple released the Mac OS X 10.5.8 update, which includes security fixes:
http://support.apple.com/kb/HT3757
One of the fixes is for a heap-based buffer overflow in the ColorSync component (which handles the parsing of ICC profiles). Limited details are here:
http://scary.beasts.org/security/CESA-2009-011.html
This vulnerability could likely be used to execute arbitrary code in contexts such as Safari browsing to a malicious page. Mail clients (both web-based and local client based) might make an interesting target.
This was discovered because the test case for my earlier LittleCMS (lcms) vulnerabilities happens to crash Safari when you hit it:
https://cevans-app.appspot.com/static/CVE-2009-0733.jpg
andry- Moderator
- Posts : 467
Join date : 2010-05-07