ID

VAR-200801-0014

CVE

CVE-2008-0035

TITLE

plural Apple Product of Foundation Memory corruption vulnerability

DESCRIPTION

Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2, iPod touch 1.1 through 1.1.2, and Mac OS X 10.5 through 10.5.1, allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted URL that triggers memory corruption in Safari. Apple Safari for iPhone and iPod Touch is prone to a remote code-execution vulnerability because it fails to adequately sanitize user-supplied input. An attacker may exploit this issue by enticing victims into viewing a maliciously crafted URI. Successfully exploiting this issue can allow attackers to crash the application or to execute arbitrary code in the context of the affected application. This issue affects iPhone v1.0 to v1.1.2 and iPod Touch v1.1 to v1.1.2. The iPod touch (also known as iTouch) is an MP4 player released by Apple, and the iPhone is a smartphone released by it. Remote attackers may use this vulnerability to control the user's system. 2) An error in the handling of emergency calls can be exploited to bypass the Passcode Lock feature and allows users with physical access to an iPhone to launch applications without the passcode. For more information see vulnerability #21 in: SA28136 SOLUTION: Update to version 1.1.3 (downloadable and installable via iTunes). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. I. Further details are available in the US-CERT Vulnerability Notes Database. These products include Samba and X11. II. Impact The impacts of these vulnerabilities vary. III. These and other updates are available via Software Update or via Apple Downloads. IV. Please send email to <cert@cert.org> with "TA08-043B Feedback VU#774345" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History February 12, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBR7HyXPRFkHkM87XOAQLgawf/WfBp5mjT+DZriprWRqe1HM4Z9SSe/5Dg jMgSlX1j/YJC7FgZfjJvriQ+yXeOnhwvKggfTbkJWej+0AeRbyIUFWD/ZTh2Qylp /1vBehJW9nhT2yMT65/gT/MnbArN11AILkfSGr4W6xLPMR2zq0HsrP2SxYlAVkSO PPlo0KhWWATcjHjJEacdmry4fR6iv6xA0gFjWN6i18VX5LSMOEyO3LpDt+Rk8fet r7Pwi/QEr/nipEEw8R8Jg9+LT8dqQL1t+yhTa5pV1rceuEb3Cz67paHAqRneldW9 SAl/TPznmYCCMHqyOfHdRBUVvOxI09OPjHYkf7ghv5e06LqbfVMZug== =qwP5 -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: Apple Mac OS X Security Update Fixes Multiple Vulnerabilities SECUNIA ADVISORY ID: SA28891 VERIFY ADVISORY: http://secunia.com/advisories/28891/ CRITICAL: Highly critical IMPACT: Security Bypass, Exposure of system information, Privilege escalation, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities and weaknesses. 1) An unspecified error exists within Foundation in Safari's handling of URLs. This can be exploited to cause a memory corruption when a user is enticed to access a specially crafted URL. Successful exploitation may allow execution of arbitrary code. 2) A weakness exists due to Launch Services allowing users to start uninstalled applications from a Time Machine Backup. 3) An error in the handling of file:// URLs in Mail can be exploited to execute arbitrary applications without warning when a user is enticed to click on a URL within a message. 4) An unspecified error exists within NFS when handling mbuf chains. This can be exploited to cause a memory corruption and allows a system shutdown and potential execution of arbitrary code. 5) The problem is that Parental Controls contacts www.apple.com when a site is unblocked and allows for detection of computers running Parental Controls. 6) A boundary error in Samba can be exploited by malicious people to compromise a vulnerable system. For more information: SA27760 7) An input validation error exists in Terminal when processing URL schemes. 8) Multiple vulnerabilities in X11 X Font Server can be exploited by malicious, local users to gain escalated privileges. For more information: SA27040 9) An error exists in X11, which causes certain settings ("Allow connections from network client") not to be applied. SOLUTION: Update to Mac OS X 10.5.2 or apply Security Update 2008-001. Security Update 2008-001 (PPC): http://www.apple.com/support/downloads/securityupdate2008001ppc.html Security Update 2008-001 (Universal): http://www.apple.com/support/downloads/securityupdate2008001universal.html Mac OS X 10.5.2 Combo Update: http://www.apple.com/support/downloads/macosx1052comboupdate.html Mac OS X Server 10.5.2 Combo Update: http://www.apple.com/support/downloads/macosxserver1052comboupdate.html PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Steven Fisher of Discovery Software Ltd. and Ian Coutier. 4) The vendor credits Oleg Drokin, Sun Microsystems. 5) The vendor credits Jesse Pearson. 6) Alin Rad Pop, Secunia Research. 7) The vendor credits Olli Leppanen of Digital Film Finland, and Brian Mastenbrook. ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=307430 OTHER REFERENCES: SA27040: http://secunia.com/advisories/27040/ SA27760: http://secunia.com/advisories/27760/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

resource management error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Apple

SOURCES

LAST UPDATE DATE

2024-11-23T19:43:21.072000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE