Status Tracking Note TRTA08-043B

Apple Updates for Multiple Vulnerabilities

Overview

Apple has released Security Update 2008-001 and OS X version 10.5.2 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.
Event Information


Date (UTC)Description
2008-02-12 19:29 US-CERT
TA08-043B: Apple Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2008-02-12 13:40 US-CERT
Apple Releases Security Updates for Multiple Vulnerabilities
US-CERT Current Activity
Apple has released Security Update 2008-001 and Mac OS X 10.5.2 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include remote code execution, denial of service, and information disclosure.
2008-02-12 01:22 SANS Internet Storm Center
Apple security update 2008-001 and 10.5.2 upgrade
Apple released today a Security Update 2008-001 for MacOS X 10.4 fixing 5 vulnerabilities in one patch.
2008-02-11 21:38 Apple
Article ID: 307430: About the security content of Mac OS X 10.5.2 and Security Update 2008-001
2007-09-05 iDefense
Multiple Vendor X Font Server Multiple Vulnerabilities
swap_char2b function in X.Org X Font Server (xfs) Vulnerability (CVE-2007-4990)
Integer overflow in the build_range function@in X.Org X Font Server (xfs) Vulnerability (CVE-2007-4568)
Vulnerability Reported
Remote exploitation of a multiple vulnerabilities in X.Org Foundation's X Font Server, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code.
2007-01-18 Bugtraq
Mac OS X 10.4.8 SLP Daemon Service Registration Buffer Overflow PoC
Vulnerability Proof Of Concept (Buffer overflow in the Apple Minimal SLP - CVE-2007-0355)
#Cid: MOAB-17-01-2007.rb


Date first published (UTC): 2008-02-17T08:01+00:00
Date last updated (UTC): 2008-02-26T00:07+00:00