Rabu, 29 Januari 2014

Apple fixes CVE 2010 4013 in Mac OS X v10 6 6 update

Its always nice to see Apple fix security holes Ive reported.  Thanks for promptly addressing this issue.

The official description from their bulletin (http://support.apple.com/kb/HT4498):


PackageKit
CVE-ID: CVE-2010-4013
Available for: Mac OS X v10.6 through v10.6.5, Mac OS X Server v10.6 through v10.6.5
Impact: A man-in-the-middle attacker may be able to cause an unexpected application termination or arbitrary code execution
Description: A format string issue exists in PackageKits handling of distribution scripts. A man-in-the-middle attacker may be able to cause an unexpected application termination or arbitrary code execution when Software Update checks for new updates. This issue is addressed through improved validation of distribution scripts. This issue does not affect systems prior to Mac OS X v10.6. Credit to Aaron Sigel of vtty.com for reporting this issue.

, , , , , , , , , , ,
lamsim

About lamsim

Author Description here.. Nulla sagittis convallis. Curabitur consequat. Quisque metus enim, venenatis fermentum, mollis in, porta et, nibh. Duis vulputate elit in elit. Mauris dictum libero id justo.

Subscribe to this Blog via Email :

© Copyright 2015 Computer Blog. Distributed by My Blogger Themes. Designed by Bloggertheme9.
Powered by Blogger.