Published: 2008-09-26T06:36+00:00
Last Updated: 2008-09-26T06:36+00:00
TRTA08-260A
Apple Updates for Multiple Vulnerabilities
Overview
Apple has released Security Update 2008-006 and Mac OS X version 10.5.5 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.
Event Information
| Date (UTC) | Description |
| 2008-09-16 19:53 |
US-CERT TA08-260A: Apple Updates for Multiple Vulnerabilities Via US-CERT Mailing List |
| 2008-09-16 13:28 |
SANS Internet Storm Center Apple Updates you may have missed in the past week (Version: 2) |
| 2008-09-16 12:02 |
US-CERT Apple Releases Security Updates for Multiple Vulnerabilities US-CERT Current Activity Apple has released Security Update 2008-006 and Mac OS X v10.5.5 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include arbitrary code execution, information disclosure, denial of service, privilege escalation, or DNS cache poisoning. |
| 2008-09-16 00:43 |
SANS Internet Storm Center MacOSX 10.5.5 and Security Update (Version: 3) Apple released OSX update 10.5.5. |
| 2008-09-15 |
Apple Apple knowledgebase article HT3137: About the security content of Mac OS X v10.5.5 and Security Update 2008-006 This document describes the security content of Mac OS X v10.5.5 and Security Update 2008-006. |
| 2008-09-12 |
Apple Apple knowledgebase article HT3129: About the security content of iPhone v2.1 This document describes the security content of iPhone v2.1. |
| 2008-09-12 |
Apple Apple knowledgebase article HT3026: About the security content of iPod touch v2.1 This document describes the security content of iPod touch v2.1. |
| 2008-09-10 13:11 |
US-CERT Apple Releases Security Updates US-CERT Current Activity Apple has released four security updates to address multiple vulnerabilities in iTunes, QuickTime, iPod touch, and Bonjour for Windows. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, conduct DNS cache poisoning attacks, spoof or hijack TCP sessions, access the system with escalated privileges, or obtain sensitive information. |
| 2008-09-10 04:15 |
SANS Internet Storm Center Apple updates iPod Touch + Bonjour for Windows iPod Touch and Bonjour for Windows got updated. |
| 2008-09-09 20:28 |
SANS Internet Storm Center Apple updates iTunes+QuickTime iTunes and QuickTime got updated. |
| 2008-09-09 |
Apple Apple knowledgebase article HT2990: About the security content of Bonjour for Windows 1.0.5 This document describes the security content of Bonjour for Windows 1.0.5. |
| 2008-09-09 |
Apple Apple knowledgebase article HT3025: About the security content of iTunes 8.0 This document describes the security content of iTunes 8.0. |
| 2008-09-09 |
Apple Apple knowledgebase article HT3027: About the security content of QuickTime 7.5.5 This document describes the security content of QuickTime 7.5.5. |
| 2008-08-19 |
Zero Day Initiative (ZDI) ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability CVE-2008-3635 Vulnerability Reported |
| 2008-06-25 |
Zero Day Initiative (ZDI) ZDI-08-058: Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability CVE-2008-3625 Vulnerability Reported |
| 2008-05-19 |
Zero Day Initiative (ZDI) ZDI-08-062: Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability CVE-2008-3627 Vulnerability Reported |
| 2008-05-15 |
Zero Day Initiative (ZDI) ZDI-08-060: Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability CVE-2008-3627 Vulnerability Reported |
| 2008-05-15 |
Zero Day Initiative (ZDI) ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability CVE-2008-3625 Vulnerability Reported |
| 2008-05-13 |
Zero Day Initiative (ZDI) ZDI-08-061: Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability CVE-2008-3627 Vulnerability Reported |
| 2007-05-13 |
iDefense Apple QuickTime PICT Integer Overflow Vulnerability CVE-2008-3614 Vulnerability Reported QuickTime is vulnerable to an integer overflow vulnerability when handling malformed PICT files. This issue results in heap corruption which can lead to arbitrary code execution. |
Other Information