Published: 2007-12-24T07:41+00:00
Last Updated: 2007-12-24T07:41+00:00
TRTA07-352A
Apple Updates for Multiple Vulnerabilities
Overview
Apple has released Security Update 2007-009 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, surreptitiously initiate a video conference, or cause a denial of service.
Event Information
| Date (UTC) | Description |
| 2007-12-21 |
Apple Article ID: 307224: About Security Update 2007-009 v1.1 Security Update 2007-009 v1.1 addresses an issue introduced in Security Update 2007-009 that may cause Safari to unexpectedly quit when browsing to certain websites. |
| 2007-12-18 23:14 |
US-CERT TA07-352A: Apple Updates for Multiple Vulnerabilities Via US-CERT Mailing List |
| 2007-12-18 13:14 |
US-CERT Apple Releases Security Updates to Address Multiple Vulnerabilities US-CERT Current Activity Apple has released Security Update 2007-009 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, denial of service, information disclosure, cross-site scripting, privilege escalation, and authentication bypass. |
| 2007-12-17 |
Apple Article ID: 307179: About Security Update 2007-009 |
| 2007-07-16 |
iDefense Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability SMB Stack Buffer Overflow Vulnerability (CVE-2007-3876) Vulnerability Reported The vulnerability exists in a portion of code responsible for parsing command line arguments. When processing the -W option, which is used to specify a workgroup name, the option's argument is copied into a fixed sized stack buffer without any checks on its length. This leads to a trivially exploitable stack based buffer overflow. |
Other Information