Apple.macOS.Mail.Attachment.Name.Buffer.Overflow
Description
It indicates a possible exploit of a buffer overflow vulnerability, in the Mail program in Apple Mac OS X, that may allow remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format.
Affected Products
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Impact
Privilege escalation.
Recommended Actions
Apply patch,available from the web site.
Apple Mac OS X Server 10.4.5
* Apple SecUpd2006-002Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09965&cat= 1&platform=osx&method=sa/SecUpd2006-002Intel.dmg
* Apple SecUpd2006-002Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09964&cat= 1&platform=osx&method=sa/SecUpd2006-002Ti.dmg
Apple Mac OS X 10.4.5
* Apple SecUpd2006-002Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09965&cat= 1&platform=osx&method=sa/SecUpd2006-002Intel.dmg
* Apple SecUpd2006-002Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09964&cat= 1&platform=osx&method=sa/SecUpd2006-002Ti.dmg
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |