Mac OS X Mach-O Universal Binary Memory Corruption
Mac OS X Mach-O Universal Binary Memory Corruption
Secunia reports on a newly discovered vulnerability in Mac OS X that allows local users to potentially cause denial or service or gain escalated user privileges.
The report states:
"the vulnerability is caused due to an error in the fatfile_getarch2() function. This can be exploited to cause an integer overflow and may potentially allow execution of arbitrary code with kernel privileges via a specially crafted Mach-O Universal binary.
"The vulnerability is reported in a fully patched Mac OS X (2006-11-26). Other versions may also be affected."
The common sense solution explicated by Secunia in this case is to provide only trusted users access to the system.
Feedback? Late-breakers@macfixit.com.
Resources