Researcher Posts Proof of Concept Exploit Code for Mac OS X Vulnerability

Monday Jan 11th 2010 by Kara Reeder
Share:

The vulnerability has to do with a potential buffer overflow error in the use of the "strtod" function.

A security researcher at SecurityReason has posted proof-of-concept code to demonstrate a vulnerability in Apple's Mac OS 10.5 and 10.6 , according to InformationWeek.

The vulnerability has to do with a potential buffer overflow error in the use of the "strtod" function Mac OS X's underlying Unix code. Since the flaw can be exploited by a remote attacker, SecurityReason considers the vulnerability's risk as "high."

FreeBSD, NetBSD, Google and Mozilla have already addressed the vulnerability, which was first discovered last June by researcher Maksymilian Arciemowicz. However, Apple has yet to update its software.

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved