• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007.

The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues.

NOTE: This BID is being retired; the following individual records have been created to better document these issues:

31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability
31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability
31708 Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability
31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability
31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability
31711 Apple Mac OS X 'configd' EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability
31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability
31720 Apple Finder Denial of Service Vulnerability
31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability
31688 CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability
31722 Apple Mac OS X 10.5 'launchd' Unspecified Security Bypass Vulnerability