RETIRED: Apple Mac OS X 2008-003 Multiple Security Vulnerabilities

Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-003 and Mac OS X/Mac OS X Server 10.5.3.

The security update addresses a total of 19 new vulnerabilities that affect the AFP Server, AppKit, Apple Pixlet Video, ATS, CFNetwork, CoreFoundation, CoreGraphics, CoreTypes, CUPS, Help Viewer, iCal, International Components for Unicode, Image Capture, ImageIO, Kernel, Mail, Single Sign-On, and Wiki Server components of Mac OS X.

NOTE: This BID is being retired; the following individual records have been created to better document the issues:

29480 Apple Mac OS X CoreGraphics PDF Handling Code Execution Vulnerability
29481 Apple Mac OS X CoreTypes Unsafe Content Warning Weakness
29483 Apple Mac OS X Help Viewer 'help:topic' URI Buffer Overflow Vulnerability
29484 Apple Mac OS X CUPS Debug Logging Information Disclosure Vulnerability
29486 Apple Mac OS X iCal '.ics' File Handling Remote Code Execution Vulnerability
29487 Apple Mac OS X AppKit Malformed File Remote Code Execution Vulnerability
29488 Apple Mac OS X International Components for Unicode Information Disclosure Vulnerability
29489 Apple Mac OS X Pixlet Video Multiple Unspecified Memory Corruption Vulnerabilities
29490 Apple Mac OS X AFP Server File Sharing Unauthorized File Access Vulnerability
29491 Apple Mac OS X CoreFoundation CFData Object Handling Code Execution Vulnerability
29492 Apple Mac OS X Apple Type Services PDF Handling Code Execution Vulnerability
29493 Apple Mac OS X CFNetwork SSL Client Certificate Handling Information Disclosure Vulnerability
29500 Apple Mac OS X Mail Memory Corruption Vulnerability
29501 Apple Mac OS X Image Capture Webserver Directory Traversal Vulnerability
29511 Apple Mac OS X Wiki Server User Name Enumeration Weakness
29513 Apple Mac OS X ImageIO BMP/GIF Image Information Disclosure Vulnerability
29514 Apple Mac OS X ImageIO JPEG2000 Handling Remote Code Execution Vulnerability
29520 Apple Mac OS X Single Sign-On 'sso_util' Local Information Disclosure Vulnerability
29521 Apple Mac OS X Image Capture Local Arbitrary File Overwrite Vulnerability


Privacy Statement
Copyright 2010, SecurityFocus