BetaONE will rise again!


Reply
  #1  
Old 26th Jan 05, 08:30 PM
NewsBot's Avatar
NewsBot NewsBot is offline
Senior Member
 
Join Date: Oct 2004
Posts: 30,785
NewsBot will become famous soon enough
Apple Releases Security Update for Mac OS X
Apple Computer released a security update for mac owners today to fix seven exploits in Mac OS X.

The update fixes a variety of problems in OS X, including ColorSync, Libxm2, Mail, PHP, Safari, and Sendmail; click read more for an extensive list of the problems and respective fixes.

Users of Mac OS X v10.3.7 can update their OS via Software Update preferences, or from Apple Downloads.

View: More Information On Vulnerabilites
Download: Security Update 2005-001 (Mac OS X 10.3.7 Client) 1.0
View: Apple Computer


at commands
Problem: The "at" family of commands did not properly drop privileges. This could allow a local user to remove files not owned by them, run programs with added privileges, or read the contents of normally unreadable files.

ColorSync
Problem: An out-of-specification or improperly embedded ICC color profile could overwrite the program heap and allow arbitrary code execution.

libxml2
Problem: The libxml2 library contains unsafe code that may be exploited in applications linked against it.

Mail
Problem: A GUUID containing an identifier associated with the Ethernet networking hardware was used in the construction of an RFC-822 required Message-ID header.

PHP
Problem: Multiple vulnerabilities in PHP, including remote denial of service and execution of arbitrary code.

Safari
Problem: When Safari's "Block Pop-Up Windows" feature is not enabled, a malicious pop-up window could appear as being from a trusted site.

SquirrelMail
Problem: A cross-site scripting vulnerability in SquirrelMail allowed email messages to contain content that would be rendered by a user's web browser.

News source: Neowin
Full story: View Here
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
MS Releases Beta of Update Rollup 1 for Windows 2000 SP4 NewsBot NeoWin News 0 26th Jan 05 02:30 PM
Update Rollup for Windows 2000 SP4 Beta Released NewsBot ieXbeta News 0 26th Jan 05 01:30 AM
Apple plugs security holes for OS X NewsBot ieXbeta News 0 3rd Dec 04 05:00 AM
Microsoft Commits to Security NewsBot BetaONE News 0 4th Nov 04 03:00 PM
Microsoft releases 10 security updates NewsBot ieXbeta News 0 21st Oct 04 10:51 PM


All times are GMT +1. The time now is 12:31 PM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.