• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2011-07-20-2 iWork 9.1 Update
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2011-07-20-2 iWork 9.1 Update


  • Subject: APPLE-SA-2011-07-20-2 iWork 9.1 Update
  • From: Apple Product Security <email@hidden>
  • Date: Mon, 25 Jul 2011 11:25:07 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2011-07-20-2 iWork 9.1 Update

iWork 9.1 Update is now available and addresses the following:

Numbers
Available for:  iWork 9.0 through 9.0.5
Impact:  Opening a maliciously crafted Excel file may lead to an
unexpected application termination or arbitrary code execution
Description:  A buffer overflow existed in the handling of Excel
files. Opening a maliciously crafted Excel file in Numbers may lead
to an unexpected application termination or arbitrary code execution.
CVE-ID
CVE-2010-3785 : Apple

Numbers
Available for:  iWork 9.0 through 9.0.5
Impact:  Opening a maliciously crafted Excel file may lead to an
unexpected application termination or arbitrary code execution
Description:  A memory corruption issue existed in the handling of
Excel files. Opening a maliciously crafted Excel file in Numbers may
lead to an unexpected application termination or arbitrary code
execution.
CVE-ID
CVE-2010-3786 : Tobias Klein, working with VeriSign iDefense Labs

Pages
Available for:  iWork 9.0 through 9.0.5
Impact:  Opening a maliciously crafted Microsoft Word document may
lead to an unexpected application termination or arbitrary code
execution
Description:  A memory corruption issue existed in the handling of
Microsoft Word documents. Opening a maliciously crafted Microsoft
Word document in Pages may lead to an unexpected application
termination or arbitrary code execution.
CVE-ID
CVE-2011-1417 : Charlie Miller and Dion Blazakis working with
TippingPoint's Zero Day Initiative


iWork 9.1 Update is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

The download file is named: iWork9.1Update.dmg
Its SHA-1 digest is: ecb38db74d7d1954cbcee9220c73dac85cace3e1

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)

iQEcBAEBAgAGBQJOKcGrAAoJEGnF2JsdZQeewcYH/RhHdLa6x14PX+ZTC+sm1Mjc
W1xBpOxMuBpAx3Li6INXXLvMablTgPIs5e3pbtsV0RYtsJy99JdPySPI8bpQu0Si
CVWuXXSBYy2gdTtRAf6MI3j+oOyM1JhE7GunLBWcmAzv5TxS8TRf0HtNErFEe8NA
StV8QBWLErNyHxqjUQsIb5d1KbIbOysFQZy3O6pyZ6SRwr8tlIPKnY4KsaDYS5Ry
tpv3lMysde5NqCy8BeOQEtW/WAmE7i9NCCNfU2L+OfGQOXIdXmKl7Orjj+d9l23L
umGo9GCACvBVO1Ot6jKDlCW+ZuDRGuz+fhQnwOdyoqtwUwiNCsS6VIwuYYrcmxw=
=wrny
-----END PGP SIGNATURE-----

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


  • Prev by Date: APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
  • Next by Date: APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone
  • Previous by thread: APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
  • Next by thread: APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone
  • Index(es):
    • Date
    • Thread