Status Tracking Note TRTA08-043B

Apple Updates for Multiple Vulnerabilities

Apple has released Security Update 2008-001 and OS X version 10.5.2 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.

Event Information

Date (UTC)	Description
2008-02-12 19:29	US-CERT TA08-043B: Apple Updates for Multiple Vulnerabilities Via US-CERT Mailing List
2008-02-12 13:40	US-CERT Apple Releases Security Updates for Multiple Vulnerabilities US-CERT Current Activity Apple has released Security Update 2008-001 and Mac OS X 10.5.2 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include remote code execution, denial of service, and information disclosure.
2008-02-12 01:22	SANS Internet Storm Center Apple security update 2008-001 and 10.5.2 upgrade Apple released today a Security Update 2008-001 for MacOS X 10.4 fixing 5 vulnerabilities in one patch.
2008-02-11 21:38	Apple Article ID: 307430: About the security content of Mac OS X 10.5.2 and Security Update 2008-001
2007-09-05	iDefense Multiple Vendor X Font Server Multiple Vulnerabilities swap_char2b function in X.Org X Font Server (xfs) Vulnerability (CVE-2007-4990) Integer overflow in the build_range function@in X.Org X Font Server (xfs) Vulnerability (CVE-2007-4568) Vulnerability Reported Remote exploitation of a multiple vulnerabilities in X.Org Foundation's X Font Server, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code.
2007-01-18	Bugtraq Mac OS X 10.4.8 SLP Daemon Service Registration Buffer Overflow PoC Vulnerability Proof Of Concept (Buffer overflow in the Apple Minimal SLP - CVE-2007-0355) #Cid: MOAB-17-01-2007.rb


Date first published (UTC):	2008-02-17T08:01+00:00
Date last updated (UTC):	2008-02-26T00:07+00:00