With the safety update 2005-008 Apple plugs a set of safety holes in Mac OS X and therein contained applications. The September update concerns underen other one the Web Browser safari, the Mail program and Quicktime.
The update package for Mac OS X 10.3.9 eliminates a CROSS Site Scripting weak point in the Browser safari, which was already repaired with the newer Mac OS X 10.4.2 with the previous collecting update 2005-007. Buffer overflow in the component an image IO concerns different applications, which use this module beside safari also. Through particularly an aggressor can produce prepared GIF files a buffer overflow, which can be used for transferring executable code.
The Quickdraw manager contains a programming error, which can be likewise used with a prepared image file. When indicating such PICT-file it comes to a buffer overflow, which an aggressor can use for the execution transferred program code. Also of it different applications are, among them again concerned safari as well as Mail and the Finder.
With Apple Mail gives it an error, which leads with automatic answers to the fact that contents of coded Mails in the plain language in the answer appear. With Mac OS X 10.3.9 eliminates the update in addition an error of the Mail program with the use of Smtp Authentication - with Mac OS X 10.4.2 this was already repaired with the update by August.
Quicktime for Java made possible under Mac OS X 10.3.9 unsignierten applet the access to functions in system libraries. The Java extension of Quicktime 6,52 as well as earlier versions is concerned. With Mac OS X 10,4 this problem does not exist.Powered By © StrangerNetWork Operations Department.