• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Today's OS X Security Update & ColorSync (Gary Smith)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Today's OS X Security Update & ColorSync (Gary Smith)

  • Subject: Re: Today's OS X Security Update & ColorSync (Gary Smith)
  • From: Graeme Gill <email@hidden>
  • Date: Thu, 27 Jan 2005 11:50:53 +1100
  • Organization: Argyll CMS
Gary Smith wrote:
Thanks for the cut & paste info Tom & Martin. I had already read that before I posted. I was just seeking some more "organic" feedback from someone with some hands-on info. 

Any file format used for interchanging information, will have one or more
sets of software libraries crafted to read and write that format (file parsers).
By "read" and "write" that means translating between the file stream and some
internal (usually memory resident) form. There is always the possibility that
the code is crafted in such a way that it doesn't properly handle an unexpected,
non-standard stream of file data. "Not properly handle" means that it may well
allow a carefully crafted stream of file information to load arbitrary code, and
cause your computer to execute it. This is of especially high concern if the file
parsing software is "part of the operating system", and is therefore running with
elevated security/access privileges (ie. the arbitrary code can do more damage).

Various parties are increasingly waking up to the fact that there are hundreds of
different interchange file formats out there, and every implementation of a file
parser for a format, is a potential access point for a worm or virus. There have
been recent scares over things like raster image formats (TIFF,  BMP etc.), as well
as more visible things like web formats, and I'm sure that there will be many more.

It has certainly occurred to me that there is a very high probability that every
single ICC parsing library currently in existence, has bugs in it that would allow
a carefully crafted ICC profile to load and execute arbitrary code on a computer
that tries to load the profile, thereby introducing a virus, trojan or worm.

It seems that this thought has also occurred to Apple, and that they have audited their
Colorsync library, and taken some measures to eliminate some of these types of
vulnerabilities.

Graeme Gill.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Colorsync-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Today's OS X Security Update & ColorSync (Gary Smith) (From: Gary Smith <email@hidden>)






    

  • Prev by Date:
Re: 10.3.7 Security update and Colorsync?

    • 

  • Next by Date:
Re: Averaging profiles?

    • 

  • Previous by thread:
Today's OS X Security Update & ColorSync (Gary Smith)

    • 

  • Next by thread:
10.3.7 Security update and Colorsync?

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •