• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Apple Mac OS X 2008-004 Multiple Security Vulnerabilities

Severity: CRITICAL

Description:

Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-004 and Mac OS X/Mac OS X Server 10.5.4.

The security update addresses a total of six new vulnerabilities that affect the Alias Manager, CoreTypes, c++filt, Dock, Launch Services, and System Configuration components of Mac OS X.

Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and potentially compromise vulnerable computers.

The following specific issues were reported:

1. A memory-corruption vulnerability occurs in Alias Manager when handling AFP volume mount information contained in an alias data structure. An attacker can exploit this issue by constructing malicious volume mount information. Successfully exploiting this issue may allow attackers to execute arbitrary code or crash the affected computer. This issue affects Mac OS X 10.4.11, Mac OS X Server 10.4.11, and Mac OS X 10.5.1 and earlier running on an Intel-based architecture. This issue is tracked by CVE-2008-2308.

2. A security vulnerability occurs in CoreType that may allow an attacker to execute malicious code. This issue occurs because the application fails to warn users about certain content types before opening the file. The attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.xht' or '.xhtm' file. Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected application. This issue affects Mac OS X 10.4.11, Mac OS X 10.4.11, Mac OS X 10.5 through 10.5.3, and Mac OS X Server 10.5 through 10.5.3. This issue is tracked by CVE-2008-2309.

3. A format-string vulnerability exists in the 'c++filt' component. This issue occurs because the application fails to handle specially crafted strings. Successfully exploiting this issue may allow an attacker to crash the affected application or execute arbitrary code. This issue affects Mac OS X v10.5 through v10.5.3 and Mac OS X Server v10.5 through v10.5.3. This issue is tracked by CVE-2008-2314.

4. A security-bypass vulnerability affects Dock. This issue occurs when passwords are required to unlock the computer and 'exposes hot corners' is enabled. An attacker with physical access to the computer can exploit this issue to bypass the screen lock. This issue affects Mac OS X 10.5 through 10.5.3, and Mac OS X Server 10.5 through 10.5.3. This issue is tracked by CVE-2008-2314.

5. A remote code-execution vulnerability occurs because of a race-condition affecting Launch Service. This issue occurs in the Download Validation of symbolic links when 'Open safe files' preference is enabled in Safari. An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious page. Successfully exploiting this issue will allow attackers to execute arbitrary code. This issue affects Mac OS X 10.4.11 and Mac OS X Server 10.4.11. This issue is tracked by CVE-2008-2311.

6. A vulnerability that may allow local attackers to execute arbitrary code with elevated privileges affects System. Specifically, the application may allow users to populate the 'User Template' directory with arbitrary files. When an attacker creates a new user, these files will be included in the new user's home directory. This issue affects Mac OS X 10.4.11 and Mac OS X Server 10.4.11. This issue is tracked by CVE-2008-2313.

Affected Products:

• Apple Mac OS X 10.4.1
• Apple Mac OS X 10.4.10
• Apple Mac OS X 10.4.11
• Apple Mac OS X 10.4.2
• Apple Mac OS X 10.4.3
• Apple Mac OS X 10.4.4
• Apple Mac OS X 10.4.5
• Apple Mac OS X 10.4.6
• Apple Mac OS X 10.4.7
• Apple Mac OS X 10.4.8
• Apple Mac OS X 10.4.9
• Apple Mac OS X 10.5
• Apple Mac OS X 10.5.1
• Apple Mac OS X 10.5.2
• Apple Mac OS X 10.5.3
• Apple Mac OS X Server 10.4.1
• Apple Mac OS X Server 10.4.10
• Apple Mac OS X Server 10.4.11
• Apple Mac OS X Server 10.4.2
• Apple Mac OS X Server 10.4.3
• Apple Mac OS X Server 10.4.4
• Apple Mac OS X Server 10.4.5
• Apple Mac OS X Server 10.4.6
• Apple Mac OS X Server 10.4.7
• Apple Mac OS X Server 10.4.8
• Apple Mac OS X Server 10.4.9
• Apple Mac OS X Server 10.5
• Apple Mac OS X Server 10.5.1
• Apple Mac OS X Server 10.5.2
• Apple Mac OS X Server 10.5.3

References:

• Apple: About the security content of Security Update 2008-004 and Mac OS X 10.5.4
• Apple: Mac OS X Home Page
• CVE: CVE-2008-2308
• CVE: CVE-2008-2309
• CVE: CVE-2008-2311
• CVE: CVE-2008-2313
• CVE: CVE-2008-2314

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.