SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#435188

Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files

Overview

A buffer overflow vulnerability exists in a component of Apple's Mac OS X operating system that handles rich text files.

I. Description

The Cocoa Application Framework (also referred to as the Application Kit, or AppKit) is one of the core Cocoa frameworks supplied with Apple's Mac OS X operating system. It provides functionality and associated application program interfaces (APIs) for applications, including objects for graphical user interfaces (GUIs), event-handling mechanisms, application services, and drawing and image composition facilities.

A buffer overflow exists in the AppKit component designed to handle rich text (.rtf) files. This vulnerability affects applications that use AppKit (such as TextEdit) to open .rtf files. A maliciously crafted .rtf file could be used to execute arbitrary code on a vulnerable system.

II. Impact

An attacker with the ability to supply a maliciously crafted .rtf file could execute arbitrary code on a vulnerable system. The attacker-supplied code would be executed with the privileges of the user opening the malicious file.

III. Solution

Apply a patch


Apple has released a patch to address this issue and other security issues in Security Update 2005-007. Users are encouraged to apply the patches from this update.

Systems Affected

VendorStatusDate NotifiedDate Updated
Apple Computer, Inc.Vulnerable17-Aug-2005

References


http://secunia.com/advisories/16449/
http://www.auscert.org.au/5391
http://www.ciac.org/ciac/bulletins/p-276.shtml

Credit

Thanks to Apple Product Security for reporting this vulnerability.

This document was written by Chad R Dougherty based on information supplied by Apple.

Other Information

Date Public:2005-08-15
Date First Published:2005-08-17
Date Last Updated:2005-08-18
CERT Advisory: 
CVE-ID(s):CAN-2005-2501
NVD-ID(s):CAN-2005-2501
US-CERT Technical Alerts: 
Metric:15.49
Document Revision:9

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2005 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader