J-Security Center

Title: RETIRED: Apple Mac OS X 2009-005 Multiple Security Vulnerabilities

Severity: CRITICAL

Description:

Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2009-003.

The update addresses new vulnerabilities that affect Alias Manager, CarbonCore, ColorSync, CoreGraphics, ImageIO, Launch Services, SMB, and Wiki Server.

The following new issues have been addressed:

1. A buffer-overflow vulnerability occurs in Alias Manager when handling alias files. An attacker can exploit this issue by enticing an unsuspecting victim into opening a malicious file. Successful exploits will allow the attacker to execute arbitrary code within the context of the application or crash the application. This issue affects Mac OS X 10.4.11, Mac OS X Server 10.4.11, Mac OS X 10.5.8, and Mac OS X 10.5.8. (CVE-2009-2800)

2. A memory-corruption vulnerability occurs in CarbonCore when the resource manager handles resource forks. An attacker can exploit this issue by enticing an unsuspecting victim into opening a malicious file. Successful exploits will allow the attacker to execute arbitrary code within the context of the application or crash the application. This issue affects Mac OS X 10.4.11, Mac OS X Server 10.4.11, Mac OS X 10.5.8, and Mac OS X 10.5.8. (CVE-2009-2803)

3. An integer-overflow vulnerability occurs in ColorSync when handling images within an embedded ColorSync file. This will lead to a heap overflow. An attacker can exploit this issue by enticing an unsuspecting victim into opening a malicious file. Successful exploits will allow the attacker to execute arbitrary code within the context of the application or crash the application. This issue affects Mac OS X 10.4.11, Mac OS X Server 10.4.11, Mac OS X 10.5.8, and Mac OS X 10.5.8. (CVE-2009-2804)

4. An integer-overflow vulnerability occurs in ColorSync when handling PDF files. This will lead to a heap overflow. An attacker can exploit this issue by enticing an unsuspecting victim into opening a PDF file containing a malicious JBIG2 stream. Successful exploits will allow the attacker to execute arbitrary code within the context of the application or crash the application. This issue affects Mac OS X 10.4.11, Mac OS X Server 10.4.11, Mac OS X 10.5.8, and Mac OS X 10.5.8. (CVE-2009-2805)

5. Multiple memory-corruption vulnerabilities in ImageIO occur when handling PixarFilm-encoded TIFF images. An attacker can exploit these issues by enticing an unsuspecting victim into opening a malicious TIFF file. Successful exploits will allow the attacker to execute arbitrary code within the context of the application or crash the application. These issues affect Mac OS X 10.4.11, Mac OS X Server 10.4.11, Mac OS X 10.5.8, and Mac OS X 10.5.8. (CVE-2009-2809)

6. A remote code-execution vulnerability occurs in Launch Services when attempting to open unsafe content. An attacker can exploit this issue by enticing an unsuspecting victim into opening a '.fileloc' file. Successful exploits will allow the attacker to execute arbitrary code within the context of the application or crash the application. This issue affects Mac OS X 10.5.8 and Mac OS X 10.5.8. (CVE-2009-2811)

7. A remote code-execution vulnerability occurs in Launch Services when handling exported document types and may cause a safe file extension to be associated with an unsafe Uniform Type Identifier (UTI). An attacker can exploit this issue by enticing an unsuspecting victim into viewing a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the affected application. This issue affects Mac OS X 10.5.8 and Mac OS X 10.5.8. (CVE-2009-2812)

8. A security vulnerability in the SMB component may allow attackers to share folders. This issue stems from an unchecked error condition in Samba. An attacker who does not have a configured home directory and connects to the Windows File Sharing service can access the contents of the filesystem with the privileges of the local filesystem. This issue affects Mac OS X 10.5.8 and Mac OS X 10.5.8. (CVE-2009-2813)

9. A cross-site scripting vulnerability occurs in the Wiki Server when handling search requests containing non-UTF-8-encoded data. An attacker can exploit this issue by enticing an unsuspecting victim into following a malicious URI. Successful exploits will allow the attacker to execute arbitrary script code within the context of the browser and steal cookie-based authentication credentials. This issue affects Mac OS X Server 10.5.8. (CVE-2009-2814)

NOTE: This BID is being retired. The following individual records have been created to better document these issues:

36354 Apple Mac OS X Alias Manager Buffer Overflow Vulnerability
36355 Apple Mac OS X CarbonCore Memory Corruption Vulnerability
36357 Apple Mac OS X ColorSync Heap Based Buffer Overflow Vulnerability
36358 Apple Mac OS X CoreGraphics Heap Based Buffer Overflow Vulnerability
36359 Apple Mac OS X ImageIO Multiple Memory Corruption Vulnerabilities
36360 Apple Mac OS X Launch Services Security Bypass Vulnerability
36361 Apple Mac OS X Launch Services Remote Code Execution Vulnerability
36363 Apple Mac OS X SMB Security Bypass Vulnerability
36364 Apple Mac OS X Wiki Server Cross Site Scripting Vulnerability

Affected Products:

  • Apple Mac OS X 10.4.10
  • Apple Mac OS X 10.4.11
  • Apple Mac OS X 10.4.2
  • Apple Mac OS X 10.4.3
  • Apple Mac OS X 10.4.4
  • Apple Mac OS X 10.4.5
  • Apple Mac OS X 10.4.6
  • Apple Mac OS X 10.4.7
  • Apple Mac OS X 10.4.8
  • Apple Mac OS X 10.4.9
  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X 10.5.4
  • Apple Mac OS X 10.5.5
  • Apple Mac OS X 10.5.6
  • Apple Mac OS X 10.5.7
  • Apple Mac OS X 10.5.8
  • Apple Mac OS X Server 10.4.0
  • Apple Mac OS X Server 10.4.1
  • Apple Mac OS X Server 10.4.10
  • Apple Mac OS X Server 10.4.11
  • Apple Mac OS X Server 10.4.2
  • Apple Mac OS X Server 10.4.3
  • Apple Mac OS X Server 10.4.4
  • Apple Mac OS X Server 10.4.5
  • Apple Mac OS X Server 10.4.6
  • Apple Mac OS X Server 10.4.7
  • Apple Mac OS X Server 10.4.8
  • Apple Mac OS X Server 10.4.9
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Apple Mac OS X Server 10.5.4
  • Apple Mac OS X Server 10.5.5
  • Apple Mac OS X Server 10.5.6
  • Apple Mac OS X Server 10.5.7
  • Apple Mac OS X Server 10.5.8
