Apple delivers hefty patch haul; Addresses Leopard flaws and Safari

Apple on Monday delivered another 41 patches to address multiple vulnerabilities in Mac OS X and Mac OS X Server including more than a few for Leopard.

The security update, which matches last month's patch crop from Apple, features a few common threads. Among them:

  • Leopard and Tiger are affected;
  • The patches mostly cover flaws that allow hackers to take over your system;
  • Execution holes abound throughout Mac OS X in iChat, Core Foundation, Quick Look and Desktop Services;
  • Apple has been busy on the security front. Last week, Apple delivered a Java runtime update and patched a bunch of QuickTime flaws. QuickTime has been under fire of late.

In any case, it is recommended that you update. Here's the laundry list of Apple's latest round of patches.

CVE-2007-4708: This plugs a vulnerability in Address Book's URL handler. Apple says: "By enticing a user to visit a maliciously crafted website, a remote attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of format strings." Versions affected include Mac OS X v10.4.11 and Mac OS X Server v10.4.11. Anyone running Mac OS X 10.5 or later isn't affected.

CVE-2007-4709: This one covers Mac OS X v10.5.1 and Mac OS X Server v10.5.1, also known as Leopard. The problem: "A path traversal issue exists in CFNetwork's handling of downloaded files," said Apple. In a nutshell, visiting a malicious Web site could allow the automatic download of files to arbitrary folders, which is a nice way of saying your computer has been hijacked.

CVE-2007-4710: This covers Mac OS X v10.4.11, Mac OS X Server v10.4.11 and doesn't affect Leopard. Specifically, Apple is addressing ColorSync. The issue: "Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution." Leopard not affected.

CVE-2007-5847: Again, this ditty covers Mac OS X v10.4.11, Mac OS X Server v10.4.11. (See a trend here yet?). The problem is Core Foundation, which could disclose sensitive information. Leopard not affected.

CVE-2007-5848: This one covers a CUPS vulnerability in a printer driver. Apple says "a local admin user may be able to gain system privileges." Leopard not affected.

CVE-2007-4351: Another CUPS problem and this one affects Leopard. Specifically, the OS X flavors impacted include Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The update corrects for a memory corruption issue in the handling of Internet Printing Protocol tags that could lead to an application crash or arbitrary code execution.

CVE-2007-5849: Another CUPS issue affecting Leopard and Leopard Server. Apple says: "If SNMP is enabled, a remote attacker may cause an unexpected application termination or arbitrary code execution." Description: "The CUPS backend SNMP program broadcasts SNMP requests to discover network print servers."

CVE-2007-5850: This one covers desktop services in Mac OS X v10.4.11, Mac OS X Server v10.4.11. Leopard isn't impacted. The gist: There's a buffer overflow problem in Finder that can lead to arbitrary code execution.

CVE-2007-5476: Affects the Flash Player plug-in for Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1 and Mac OS X Server v10.5.1. There are multiple vulnerabilities addressed by Adobe.

CVE-2007-4131: This one corrects a "maliciously crafted tar archive" issue with GNU Tar. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11, but Leopard is in the clear.

CVE-2007-5851: iChat is the issue here. The problem: A person on the local network may initiate a video connection without permission. Leopard not impacted, but does cover Mac OS X v10.4.11 and Mac OS X Server v10.4.11.

CVE-2007-5853: IO storage issue where "opening a maliciously crafted disk image may lead to an unexpected system shutdown or arbitrary code execution." Leopard is in the clear, but Mac OS X v10.4.11 and Mac OS X Server v10.4.11 aren't.

CVE-2007-5854: This one fixes launch services in Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The problem: "Opening a maliciously crafted HTML file may lead to information disclosure or cross-site scripting."

CVE-2007-6165: Another launch services problem, this time "opening an executable mail attachment may lead to arbitrary code execution with no warning." Affects Leopard and Leopard Server.

CVE-2007-5855: Affects mail on Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The problem: "SMTP accounts set up through Account Assistant may use plaintext authentication even when MD5 Challenge-Response authentication is available."

CVE-2007-5116 and CVE-2007-4965: Addresses problems with Perl and Python, respectively. Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1 impacted.

CVE-2007-5856 and CVE-2007-5857: Both address Quick Look vulnerabilities in Leopard. Previewing a movie can disclose sensitive information. There are also some URL access issues.

CVE-2007-5770 and CVE-2007-5379, CVE-2007-5380, CVE-2007-6077: Vulnerabilities abound in Ruby libraries and Rails 1.2.3. The first one listed impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The remaining CVEs impact Leopard only.

CVE-2007-5858: A Safari fix for an information disclosure flaw. Impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. Also impacts Safari 3 Beta on Windows XP and Vista.

CVE-2007-5859: Safari RSS has issues on Mac OS X v10.4.11, Mac OS X Server v10.4.11. Maliciously crafted feed may lead to application termination or arbitrary code execution. Leopard not affected.

CVE-2007-4572, CVE-2007-5398: Addresses Samba vulnerabilities. Impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1.

CVE-2006-0024: Addresses Shockwave woes in Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1.

CVE-2007-3876: Apple says: "A stack buffer overflow issue exists in the code used by the mount_smbfs and smbutil applications to parse command line arguments, which may allow a local user to cause arbitrary code." Impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11.

CVE-2007-5863: Even Software Update has a few flaws. Leopard impacted by "a man-in-the-middle attack could cause Software Update to execute arbitrary commands with system privileges."

CVE-2007-5860: Spin Tracer flaw affecting Leopard. "A local user may be able to execute arbitrary code with system privileges."

CVE-2007-5861: Addresses Spotlight flaws. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11.

CVE-2007-1218, CVE-2007-3798: Vulnerabilities abound in tcpdump. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11.

CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768: Multiple vulnerabilities plugged in XQuery. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11.

Topics: Servers, Apple, Hardware, Operating Systems, Software

About

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CN...
