Vulnerability Note VU#980084
Apple Mail buffer overflow vulnerability
OverviewApple Mail contains a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system.
I. DescriptionApple Mail
Mac OS X includes the Mail application (Mail.app) for handling electronic mail.
The Problem
Apple Mail contains a buffer overflow caused by lack of validation on MIME encapsulted files. The buffer overflow may be triggered when an email message with a specially crafted attachment is opened with Mail.
Considerations
According to public reports this vulnerability is introduced by Apple Security Update 2006-001.
Exploit code for this vulnerability is publicly available.
II. ImpactBy convincing a user to open a specially crafted attachment, a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user running Mail.
III. SolutionInstall an update
This issue is corrected in Apple Security Update 2006-002.
Do not open attachments from untrusted sources
To protect against Only open email attachemnts from trusted or known sources.
Systems Affected
References
http://www.digitalmunition.com/DMA[2006-0313a].txt
http://docs.info.apple.com/article.html?artnum=303453
http://secunia.com/advisories/19129/
Credit
This vulnerability was reported by Kevin Finisterre.
This document was written by Jeff Gennari.
Other Information
| Date Public | 03/13/2006 |
| Date First Published | 03/17/2006 09:06:41 AM |
| Date Last Updated | 03/29/2006 |
| CERT Advisory | |
| CVE-ID(s) | CVE-2006-0396 |
| NVD-ID(s) | CVE-2006-0396 |
| US-CERT Technical Alerts | |
| Metric | 6.63 |
| Document Revision | 21 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
Get Adobe Reader