• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2005-04-19 Security Update 2005-004
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2005-04-19 Security Update 2005-004

  • Subject: APPLE-SA-2005-04-19 Security Update 2005-004
  • From: Apple Product Security <email@hidden>
  • Date: Tue, 19 Apr 2005 16:08:40 -0700
  • Delivered-to: email@hidden
  • Delivered-to: email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-04-19 Security Update 2005-004

Security Update 2005-004 is now available and delivers the following
security enhancement:

iSync
Available for:  iSync 1.5
CVE-ID:  CAN-2005-0193
Impact:  A buffer overflow in iSync could lead to local privilege
escalation
Description:  The iSync helper tool mRouter contains a buffer
overflow vulnerability. This could result in the execution of
arbitrary commands as root by local system users.  Security Update
2005-004 fixes this problem by providing a patched version of
mRouter.  iSync 1.4 is also affected by this vulnerability, and
customers are encouraged to update to the freely available iSync 1.5
version, then apply Security Update 2005-004.  Credit to Braden
Thomas for reporting this issue.

Security Update 2005-004 may be obtained from the Software Update
pane in System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

The download file is named:  "SecUpd2005-004Pan.dmg"
Its SHA-1 digest is:  5ef91d98b43ff8d139b2b18782487fc5d13eb21a

Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQEVAwUBQmWOkJyw5owIz4TQAQK5yAf+ONkSVIQ+r2h6rCtdQjaRzJq3kBlxyLSK
e8SYG+ptqM7u+T5awi1JUnF/yv7Mo1sdr3swcYEagWUmanKAZqeznq1Wzz25y8ci
vsVrWcO6Vm2w34eYg3+pjdGekQAL4E7YUtjZHf7S8sTjBwrPPB4tNsyUqv03vN/c
EDvPYdn6oBPHaTcvquDXJG/z8poM6jeBrwfMJ5p2lx4nLDKRRSqccSQfp7hMXrMf
qX7aFyD5TB+qJaJmv0zo1/cCOgopkhl/N5KOqGyAkyPSFfMqSRhx33UsRtq4JycZ
vsdghRIzL6oDbVq+VjFPqUlTOdOgwpLFnYDxHaTs+mvk2GhnmftVlA==
=TusL
-----END PGP SIGNATURE-----

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




    

  • Prev by Date:
APPLE-SA-2005-04-15 Mac OS X v10.3.9

    • 

  • Previous by thread:
APPLE-SA-2005-04-15 Mac OS X v10.3.9

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •

Apple Footer

This site contains user submitted content, comments and opinions and is for informational purposes only. Apple may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Apple can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.
 Apple
  1. Lists
  2. Archives
More ways to shop: Visit an Apple Store, call 1-800-MY-APPLE, or find a reseller.
United States
Copyright © Apple Inc. All rights reserved.
Privacy Policy Terms of Use Sales and Refunds Legal Site Map