Vulnerability Note VU#980078

Apple Mac OS X vulnerable to buffer overflow in ColorSync ICC color profile handling

Overview

Apple's Mac OS X operating system contains a flaw in the handling of ICC color profiles, which may allow arbitrary code execution through a heap-based buffer overflow.

I. Description

The Apple Mac OS X operating system contains support for ICC color profiles in the ColorSync component. This component contains a flaw in checking boundary conditions which may allow arbitrary code execution. When checking certain parameters in ICC color profiles, improperly formatted or maliciously crafted embedded profiles may cause a heap-based buffer overflow which would allow arbitrary code execution.

II. Impact

An attacker with the ability to supply a maliciously crafted profile may be able to execute arbitrary code on a vulnerable system.� The attacker-supplied code would be executed with the privileges of the user running ColorSync.

III. Solution

Apply a patch

Apple advises all users to apply Apple Security Update 2005-001, as it fixes this flaw and other critical security flaws. More information can be found at:

<http://docs.info.apple.com/article.html?artnum=300770>

Systems Affected

Vendor	Status	Date Notified	Date Updated
Apple Computer Inc.	Vulnerable	27-Jan-2005

References

http://docs.info.apple.com/article.html?artnum=300770
http://secunia.com/advisories/14005/

Credit

Thanks to Apple Product Security for reporting this vulnerability.

This document was written by Ken MacInnis.

Other Information

Date Public:	2005-01-25
Date First Published:	2005-01-27
Date Last Updated:	2005-01-27
CERT Advisory:
CVE-ID(s):	CAN-2005-0126
NVD-ID(s):	CAN-2005-0126
US-CERT Technical Alerts:
Metric:	4.13
Document Revision:	7

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader