Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Today's OS X Security Update & ColorSync

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Today's OS X Security Update & ColorSync

Subject: Re: Today's OS X Security Update & ColorSync
From: Tom Beckenham <email@hidden>
Date: Wed, 26 Jan 2005 11:42:48 +1100

>From http://docs.info.apple.com/article.html?artnum=300770

Component: ColorSync
 Available for: Mac OS X v10.3.7, Mac OS X Server v10.3.7, Mac OS X v10.2.8,
Mac OS X Server v10.2.8
 CVE-ID: CAN-2005-0126
 Impact: Malformed ICC color profiles could overwrite the program heap,
resulting in arbitrary code execution.
 Description: An out-of-specification or improperly embedded ICC color
profile could overwrite the program heap and allow arbitrary code execution.
There are no known exploits for this issue. With this update, ColorSync will
reject incorrectly-formed ICC color profiles.

On 26/1/05 11:35 AM, "Gary Smith" <email@hidden> wrote:

> Does anyone have any info about today's Security Update for OS X
> 10.3.7 & 10.2.8? I'm curious as to what the vulnerability that
> involved ColorSync was (is).
>
> Gary Smith
>  _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Colorsync-users mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
> om.au
>
> This email sent to email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Colorsync-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

References:
	>Today's OS X Security Update & ColorSync (From: Gary Smith <email@hidden>)

Prev by Date: Re: Today's OS X Security Update & ColorSync
Next by Date: OT-parts
Previous by thread: Re: Today's OS X Security Update & ColorSync
Next by thread: OT-parts
Index(es):
- Date
- Thread