Apple AppKit String Containing Bidirectional Text Buffer Overflow Vulnerability

Apple AppKit is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.

This issue affects Apple Mac OS X 10.6 to 10.6.4 and Mac OS X Server 10.6 to 10.6.4.

NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus