DoctorDoom
04-22-2006, 07:50 PM
Description:
Tom Ferris has reported some potential vulnerabilities in Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
1) An error exists in the "BOMStackPop()" function in the BOMArchiveHelper when decompressing malformed ZIP archives.
2) Some errors exists in the "KWQListIteratorImpl()", "drawText()", and "objc_msgSend_rtp()" functions in Safari when processing malformed HTML tags.
3) An error exists in the "ReadBMP()" function when processing malformed BMP images and can be exploited via e.g. Safari or the Preview application.
4) An error exists in the "CFAllocatorAllocate()" function when processing malformed GIF images and can be exploited via e.g. Safari when a user visits a malicious web site.
5) Two errors exists in the " _cg_TIFFSetField ()" and "PredictorVSetField()" functions when processing malformed TIFF images and can be exploited via e.g. the Preview, Finder, QuickTime, or Safari applications.
The vulnerabilities have been reported in version 10.4.6. Other versions may also be affected.
Solution:
Do not visit untrusted web sites, and do not open ZIP archives or images originating from untrusted sources. Mac OS X Multiple Potential Vulnerabilities (http://secunia.com/advisories/19686/)
These issues have been classified as "Highly critical".
Tom Ferris has reported some potential vulnerabilities in Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
1) An error exists in the "BOMStackPop()" function in the BOMArchiveHelper when decompressing malformed ZIP archives.
2) Some errors exists in the "KWQListIteratorImpl()", "drawText()", and "objc_msgSend_rtp()" functions in Safari when processing malformed HTML tags.
3) An error exists in the "ReadBMP()" function when processing malformed BMP images and can be exploited via e.g. Safari or the Preview application.
4) An error exists in the "CFAllocatorAllocate()" function when processing malformed GIF images and can be exploited via e.g. Safari when a user visits a malicious web site.
5) Two errors exists in the " _cg_TIFFSetField ()" and "PredictorVSetField()" functions when processing malformed TIFF images and can be exploited via e.g. the Preview, Finder, QuickTime, or Safari applications.
The vulnerabilities have been reported in version 10.4.6. Other versions may also be affected.
Solution:
Do not visit untrusted web sites, and do not open ZIP archives or images originating from untrusted sources. Mac OS X Multiple Potential Vulnerabilities (http://secunia.com/advisories/19686/)
These issues have been classified as "Highly critical".