Apple Mac OS X CoreFoundation CFData Object Handling Code Execution Vulnerability

Apple Mac OS X is prone to a remote code-execution vulnerability affecting CoreFoundation.

Successful exploits will allow attackers to execute arbitrary code in the context of the affected component. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects Mac OS X 10.4.11, Mac OS X Server 10.4.11, Mac OS X 10.5 - 10.5.2, and Mac OS X Server 10.5 - 10.5.2.

NOTE: This issue was previously covered in BID 29412 (Apple Mac OS X 2008-003 Multiple Security Vulnerabilities) but has been given its own record to better document the vulnerability.


Privacy Statement
Copyright 2010, SecurityFocus