Apple.macOS.Mail.Attachment.Name.Buffer.Overflow

description-logoDescription

It indicates a possible exploit of a buffer overflow vulnerability, in the Mail program in Apple Mac OS X, that may allow remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format.

affected-products-logoAffected Products

Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4

Impact logoImpact

Privilege escalation.

recomended-action-logoRecommended Actions

Apply patch,available from the web site.
Apple Mac OS X Server 10.4.5
* Apple SecUpd2006-002Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09965&cat= 1&platform=osx&method=sa/SecUpd2006-002Intel.dmg
* Apple SecUpd2006-002Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09964&cat= 1&platform=osx&method=sa/SecUpd2006-002Ti.dmg
Apple Mac OS X 10.4.5
* Apple SecUpd2006-002Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09965&cat= 1&platform=osx&method=sa/SecUpd2006-002Intel.dmg
* Apple SecUpd2006-002Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09964&cat= 1&platform=osx&method=sa/SecUpd2006-002Ti.dmg

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)