Published: 2009-05-17T06:28+00:00    Last Updated: 2009-05-17T06:28+00:00

Apple Updates for Multiple Vulnerabilities (TA09-133A)


Apple has released multiple Security Updates, 2009-002 / Mac OS X version 10.5.7 and Safari 3.2.3, to correct multiple vulnerabilities affecting Apple Mac OS X , Mac OS X Server, and the Safari web browser. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.

Event Information

Date (UTC)Description
2009-05-13 19:23 US-CERT
TA09-133A: Apple Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2009-05-13 13:12 US-CERT
Apple Releases Security Update 2009-002, Mac OS X v10.5.7 and Safari 3.2.3
US-CERT Current Activity
Apple has released Security Update 2009-002 and Mac OS X v10.5.7 to address multiple vulnerabilities in a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, leverage additional attacks, or obtain elevated privileges.
2009-05-12 23:07 SANS Internet Storm Center
Apple patches and updates
Apple released patches today: Apple OS X 10.5.7 update / Security update 2009-002, Safari 4 beta, Safari 3.2.3
2009-05-12 Apple
Apple knowledgebase article HT3549: About the security content of Security Update 2009-002 / Mac OS X v10.5.7
This document describes the security content of Security Update 2009-002 / Mac OS X v10.5.7, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.
2008-03-19 iDefense
Apple Mac OS X xnu Kernel workqueue_additem/workqueue_removeitem Index Validation Vulnerability
Index validation vulnerability (CVE-2008-1517)
Vulnerability Reported
The Mac OS X xnu (Mach) kernel implements workqueues. This allows the kernel to schedule events to take place in a task. An input validation error exists within this implementation, which can lead to execution of arbitrary code in the kernel.