By Thomas Claburn
InformationWeek
January 8, 2010
Proof of concept exploit code was posted today by a security researcher at SecurityReason to demonstrate a vulnerability in versions 10.5 and
10.6 of Apple's Mac OS X operating system.
The vulnerability is a potential buffer overflow error arising from the use of the strtod function Mac OS X's underlying Unix code. It was first reported by researcher Maksymilian Arciemowicz last June.
SecurityReason's advisory describes a flaw in the libc/gdtoa code in OpenBSD, NetBSD, FreeBSD, and MacOS X, as well as Google Chrome, Mozilla Firefox and other Mozilla software, Opera, KDE, and K-Meleon.
SecurityReason's advisory rates the vulnerability's risk as "high" and claims that the flaw can be exploited by a remote attacker.
A spokesperson for SecurityReason wasn't immediately available to characterize the likelihood that this vulnerability could be exploited.
skip to main |
skip to sidebar
10% off Kaspersky Internet Security 2010
10% off Kaspersky Internet Security 2010 - Everything you Need for a Secure and Safe Internet Experience Offer Expires 08/10/10
Coupon Code: KASUK10%OFF
10% off Kaspersky Internet Security 2010
10% off Kaspersky Internet Security 2010 - Everything you Need for a Secure and Safe Internet Experience Offer Expires 08/10/10
Coupon Code: KASUK10%OFF
Huge Discounts with iRemove
Blog Archive
-
▼
2010
(119)
-
▼
January
(59)
-
▼
Jan 10
(9)
- No title
- iRemove Amsterdam Now Open!
- Heartland to pay up to $60M to Visa over breach
- Don't Wait To Lock Down DB2
- Mac OS X Vulnerability Posted
- RSA crypto defiled again, with factoring of 768-bi...
- Microsoft, Adobe prep critical security patches
- Go Card error investigated
- Hackers deface 5th govt Web site, mock automated p...
-
▼
Jan 10
(9)
-
▼
January
(59)
