Vulnerability found in Mac OS 10.5 and 10.6

By siliconindia   |   Monday, 11 January 2010, 18:47 IST
Bangalore: Security researchers at SecurityReason have demonstrated proof-of-concept exploit code for a vulnerability in versions 10.5 and 10.6 of Apple's Mac OS X operating system. The vulnerability is a potential buffer overflow error arising from the use of the strtod function in Mac OS X's underlying Unix code. SecurityReason's advisory describes a flaw in the libc/gdtoa code in OpenBSD, NetBSD, FreeBSD, and Mac OS X, as well as Google Chrome, Mozilla Firefox and other Mozilla software, Opera, KDE, and K-Meleon, according to InformationWeek. SecurityReason's advisors have rated the vulnerability high risk and claim that it could be remotely exploited. The vulnerability was addressed in FreeBSD and NetBSD last summer, and shortly thereafter Google and Mozilla, among other vendors, did the same. Apple has not yet updated its software to incorporate the fix.