Vulnerability Note VU#210606

Apple Mac OS X "disk://" URI handler stores arbitrary files in a known location

Overview

A vulnerability has been reported in the default "disk://" protocol handler installed on Apple Mac OS X systems. Remote attackers may potentially use this vulnerability to create files on the local system without explicit user consent. We have not independently verified the scope of this vulnerability report.

I. Description

A vulnerability has been reported in the Apple Mac OS X default "disk://" URI handler. If able to entice a user to visit a foreign web site, a remote attacker may potentially be able to download an arbitrary file to a known location on the local system. If the file is a disk image (".dmg"), it could be automatically mounted as a disk volume available for use by an attacker. A separate vulnerability, VU#578798, has also been reported which may allow a remote attacker to execute arbitrary application files contained within a mounted disk image.

Solution

The vendor update removes the "disk://" URI handler. According to the posting on Secunia, implementing all three of the following steps may mitigate this vulnerability:

2) Change the protocol helpers (applications) for URI handlers which are not required, e.g., disable the "help://" handler;
3) Add a separate protocol helper (application) for "disk".

Systems Affected

Browsers or applications supporting "disk://" URIs.
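The mitigation above works by cutting the hand-off from the browser to local protocol helpers. A web proxy or content filter can complement it by flagging pages that reference such handler-dispatched schemes at all. The following Python script is an added example written for this note, not code from CERT/CC, Apple or Secunia; the sample HTML, the host name example.test and the set of restricted schemes are constructed for illustration, and the scheme list is an assumption that a deployment would tune to its own handler inventory.

```python
import re
from html.parser import HTMLParser

# Constructed sample page (not taken from the advisory): one ordinary
# http link plus three references that a browser would hand to a local
# URI handler rather than fetch itself.
SAMPLE_HTML = """
<html><body>
<a href="http://example.test/docs">docs</a>
<a href="disk://example.test/images/mirror.dmg">mirror</a>
<img src="help://example.test/page">
<a href="DISK://EXAMPLE.TEST/other.dmg">mixed case</a>
</body></html>
"""

# Schemes dispatched to helper applications instead of being fetched by
# the browser; the note names "disk" and "help". Assumed starting set.
RESTRICTED_SCHEMES = frozenset({"disk", "help"})


class _LinkCollector(HTMLParser):
    """Gather every attribute value that carries a URI reference."""

    URI_ATTRS = ("href", "src", "action", "data")

    def __init__(self):
        super().__init__()
        self.uris = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases attribute names but preserves values,
        # so scheme comparison is done case-insensitively below.
        for name, value in attrs:
            if name in self.URI_ATTRS and value:
                self.uris.append(value.strip())


# RFC 3986 scheme syntax: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) ":"
_SCHEME_RE = re.compile(r"^([a-zA-Z][a-zA-Z0-9+.\-]*):")


def scheme_of(uri):
    """Return the lowercased scheme of a URI, or None for a relative reference."""
    m = _SCHEME_RE.match(uri)
    return m.group(1).lower() if m else None


def find_restricted_uris(html, schemes=RESTRICTED_SCHEMES):
    """Return (scheme, uri) pairs in document order whose scheme is restricted."""
    collector = _LinkCollector()
    collector.feed(html)
    collector.close()
    hits = []
    for uri in collector.uris:
        scheme = scheme_of(uri)
        if scheme in schemes:
            hits.append((scheme, uri))
    return hits


if __name__ == "__main__":
    for scheme, uri in find_restricted_uris(SAMPLE_HTML):
        print(f"restricted scheme {scheme}: {uri}")
```

Run against the constructed page, the script reports the two "disk" references (including the upper-case one) and the "help" reference while ignoring the plain http link. A filter built on this would typically log or block the response rather than rewrite it, so that the user-visible behaviour stays predictable.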
References

http://www.kb.cert.org/vuls/id/578798

Thanks to Kang for reporting this vulnerability.

This document was written by Jason A. Rafail of CERT/CC and is based on information from Secunia.com and SecurityTracker.com.
If you have feedback, comments, or additional information about this vulnerability, please send us email.