|
|
|
Vulnerability Note VU#566875Apple Help Viewer vulnerable to buffer overflowOverviewA vulnerability in the way Apple Help Viewer handles specially crafted URLs may allow an attacker to execute arbitrary code or cause a denial of service.I. DescriptionAccording to Apple Security Update 2008-003:An integer underflow in Help Viewer's handling of help:topic URLs may result in a buffer overflow. Accessing a malicious help:topic URL may lead to an unexpected application termination or arbitrary code execution. Note that this issue affects systems running Mac OS X prior to version 10.5. II. ImpactA remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service.III. SolutionApply UpdateThis issue is addressed in Apple Security Update 2008-003. An update for Mac OS X is available on Apple Downloads and via Software Update.
References
This issue was reported in Apple Security Update 2008-003. Apple credits Paul Haddad of PTH with reporting this issue. This document was written by Chris Taschner.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
Get Adobe Reader