ColorSync
An integer overflow exists in the handling of images with an embedded color profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution. The issue is addressed by performing additional validation of color profiles. This issue does not affect Mac OS X v10.6 systems. The issue has already been addressed in Security Update 2009-005 for Mac OS X 10.5.8 systems.
libxml
Multiple use-after-free issues exist in libxml2, the most serious of which may lead to an unexpected application termination. This update addresses the issues through improved memory handling. The issues have already been addressed in Mac OS X 10.6.2, and in Security Update 2009-006 for Mac OS X 10.5.8 systems.
Read More: Here
Tuesday, November 17, 2009
Apple Safari 4.0.4 patches critical vulnerabilities
Subscribe to:
Post Comments (Atom)
1 comments:
Safari 4.0.4 includes improvements to performance, stability, and security. ColorSync An integer overflow exists in the handling of images with an embedded color profile, which may lead to a heal.
creatin
Post a Comment