Turn off the Ad Banner  

To print: Select File and then Print from your browser's menu.

    -----------------------------------------------
This story was printed from CdrInfo.com,
located at http://www.cdrinfo.com.
-----------------------------------------------

Appeared on: Thursday, December 01, 2005
Apple Releases Patch for 13 Security Flaws

Apple warned that the Mac OS X operating system contains 13 security flaws, some of them serious. The company issued a cumulative patch for the bugs today.

The flaws could allow remote code execution, security breaches, spoofing, cross-site scripting, denial-of-service attacks and other problems, according to Apple. Some of the flaws can be exploited from the Internet.

The most serious of the flaws -- including bugs in CoreFoundation and Safari -- could let an attacker remotely execute malicious code, effectively taking over the system. Safari is also vulnerable to less serious attacks, one in which the browser downloads files into a different location, and a spoofing flaw involving JavaScript dialogue boxes.

Other flaws could allow the downgrading of Secure Sockets Layer connections to an earlier, less secure SSL version -- known as a protocol downgrade attack; privilege escalation by local users; a cross-site scripting flaw in Apache; and the ability to forge syslog entries.


Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .