toggle

AAPL Stock: 116.5 ( + 0.19 )

Printed from http://www.macnn.com

Unpatched Safari vulnerability surfaces

updated 08:30 am EST, Fri January 12, 2007

Unpatched Safari flaw

LMH has reported an unpatched vulnerability in Safari that could result in remote code execution. Malicious users could exploit the flaw, which stems from an integer overflow error in the "ffs_mountfs()" function when handling UFS filesystem disc images, to cause a heap-based buffer overflow from a specially crafted UFS DMG image. Secunia notes that successful exploitation of the vulnerability could allow attackers to execute arbitrary code. The firm adds that the flaw is only remotely exploitable via Apple's Safari Web browser, and only when the "Open safe files after downloading" option is enabled. The vulnerability is known to affect Mac OS X 10.4.8, but may afflict other versions of Mac OS X as well. Users can prevent exploitation by disabling the "Open safe files after downloading" option, and by granting system access only to trusted users.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Sprocket

    Joined: Dec 1969

    0

    Must be a slow 'hype'

    day for LMH and Secunia if "Users can prevent exploitation by disabling the "Open safe files after downloading" option, and by granting system access only to trusted users." is the fix.

    I'm surprised, though, that this fix STILL isn't the default after we went through this similar issue last year. Wake up, Apple!

  1. Horsepoo!!!

    Joined: Dec 1969

    0

    Not a Safari vuln

    That's not a Safari vulnerability...that's a ffs_mountfs() vulnerability.

  1. mitchcohen

    Joined: Dec 1969

    0

    UFS?

    Ok, show of hands on those who have UFS installed on their Macs? Nope, didn't think so. :-)

    The report above (and likely, LMH) fails to mention Macs drives come formatted as HFS+, not UFS. One would have to reformat their boot drive as UFS (and have a reason for doing so) before being potentially susceptible to this issue. And with extremely few users requiring UFS, and with lots of trouble running regular Mac apps on UFS, it's an extremely rare file system for Mac users. Mostly certain limited server needs and unix development people.

  1. ::maroma::

    Joined: Dec 1969

    0

    "unpatched" vulnerability

    = redundant.

    Of course its unpatched, otherwise the vulnerability wouldn't be there, would it?

    Duh?

  1. Person Man

    Joined: Dec 1969

    0

    mitchcohen, you don't...

    ...understand.

    They are talking about disk images formatted as UFS. Not your drive. The disk image has to be formatted as UFS and the headers have to be corrupted to trigger the bug.

    Big difference. We ARE vulnerable, whether our drives are formatted as HFS+ or not.

  1. UberFu

    Joined: Dec 1969

    0

    Wow - I have to...

    do a whole lot to avoid this [read - absolutely nothing]

    person man.....

    not really mitchcohen was on the right track just wrong direction_

    Standard default for disk image creation on a Mac system for most Apps that create these types of files is HFS+

    So a user has to change a setting manually to create a UFS formatted image to begin with_

    Preventative medicine on this is to watch what you download and uncheck the "open safe files after downloading" box_ brain surgery_

    Let me know when there's something out there worth my time_

  1. testudo

    Joined: Dec 1969

    0

    Re: wow

    Amazing, uberfu, you've completely missed it as bad as mitchcohen. Its not about disk images YOU create, but those created by others.

    Your argument could be taken that most Windows problems aren't problems, because "who would type in a specially crafted URL into a browser window to begin with?".

  1. test22

    Joined: Dec 1969

    0

    test comments valu

    test comments valu

  1. test22

    Joined: Dec 1969

    0

    tets

    tes

  1. test22

    Joined: Dec 1969

    0

    test comments1111

    test comments11311

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

MaxUpgrades 512GB Retina MacBook Pro SSD

Apple's Retina line of MacBook Pro notebooks have been impressive, right from their debut in 2012. Thinner than the previous model, t ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a for ...

toggle

Most Commented