- #5.8 mac os x 10.6 snow leopard. for mac os x#
- #5.8 mac os x 10.6 snow leopard. movie#
- #5.8 mac os x 10.6 snow leopard. pdf#
- #5.8 mac os x 10.6 snow leopard. update#
- #5.8 mac os x 10.6 snow leopard. portable#
This update only affects systems configured as DirectoryService servers. This may allow a remote attacker to cause an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X v10.6 systems.Ī memory corruption issue exists in DirectoryService. This update addresses the issue by removing the vulnerable code. This may allow another user on the local network to execute arbitrary code on the user’s system. This issue is addressed through improved handling of HTTP headers and HTML templates.Ī design issue in Dictionary allows maliciously crafted Javascript to write arbitrary data to arbitary locations on the user’s filesystem. This could include print system configuration and the titles of jobs that have been printed. Accessing a maliciously crafted web page or URL may allow an attacker to access content available to the current local user via the CUPS web interface. This issue does not affect systems prior to Mac OS X v10.6.Īn issue in CUPS may lead to cross-site scripting and HTTP response splitting. This update addresses the issue through improved bounds checking.
#5.8 mac os x 10.6 snow leopard. movie#
Viewing a maliciously crafted H.264 movie file may lead to an unexpected application termination or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.6.Ī heap buffer overflow exists in the handling of H.264 movie files. These issues do not affect Mac OS X v10.6 systems.Ī memory corruption issue exists in the handling of H.264 movie files. This update addresses the issues through improved bounds checking.
#5.8 mac os x 10.6 snow leopard. pdf#
Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. Multiple integer overflows in CoreGraphics’ handling of PDF files may result in a heap buffer overflow. This update addresses the issue through improved handling of SSL certificates. This issue is mitigated as Mac OS X does not consider such a certificate to be valid for any domain. A user could be misled into accepting an attacker-crafted certificate that visually appears to match the domain visited by the user. These issues do not affect Mac OS X v10.6 systems.Īn implementation issue exists in the handling of SSL certificates which have NUL characters in the Common Name field. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. Multiple buffer overflows exist in Apple Type Services’ handling of embedded fonts. Systems running Mac OS X v10.6 are affected only by CVE-2009-2412.
#5.8 mac os x 10.6 snow leopard. portable#
These issues are addressed by updating Apache Portable Runtime to version 1.3.8 on Mac OS X v10.6 systems, and by applying the Apache Portable Runtime patches on Mac OS X v10.5.8 systems. Multiple integer overflows in Apache Portable Runtime (apr) may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by updating the configuration to disable support for the TRACE method. A remote attacker may use this facility to conduct cross-site scripting attacks through certain web client software. The Apache web server allows the TRACE HTTP method. This issue only affects Mac OS X Server systems.Īpache is updated to version 2.2.13 to address several vulnerabilities, the most serious of which may lead to privilege escalation. This update addresses the issue through improved detection of invalid SSH login attempts.
In certain circumstances, Adaptive Firewall may not detect SSH login attempts using invalid user names. These issues do not affect Mac OS X v10.6 systems.Īdaptive Firewall responds to suspicious activity, such as an unusual volume of access attempts, by creating a temporary rule to restrict access.
Connecting to a malicious AFP Server may cause an unexpected system termination or arbitrary code execution with system privileges. Multiple memory corruption issues exist in AFP Client.
#5.8 mac os x 10.6 snow leopard. for mac os x#
The 10.6.2 update is recommended for Mac OS X 10.6 Snow Leopard users and includes general operating system fixes that enhance the stability, compatibility, and security of your Mac.
0 kommentar(er)
