A memory corruption vulnerability in the Mac OS X Bom could allow a remote attacker to execute arbitrary code on an affected system.
Apple's Bom is the archive file handler in the Mac OS X operating system. It features the ability to handle file archives in a number of different formats, including ZIP (.zip) files.
An unspecified heap memory corruption vulnerability exists in Bom's compression state handling that can be triggered by a specially crafted ZIP file.
A remote, unauthenticated attacker may be able to execute code, or cause the affected application to crash.
Thanks to Apple for reporting this issue. Apple in turn credits Tom Ferris of Security-Protocols.com.
|Date First Published:||2006-08-02|
|Date Last Updated:||2006-08-02 18:10 UTC|