Re: OS X security holes so numerous Apple can't keep up...

In article <xuX1g.29833$BL7.23262@xxxxxxxxxxxxxxxxxxxxxx>,
Stew <antwun@xxxxxxxxx> wrote:

http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233

Scary! Did chimps code OS X?

Let's take them one by one:

"Apple OS X 10.4.5 .tiff "LZWDecodeVector ()" Heap Overflow"

His own links says:

"Solution:
This issue was silently fixed by Apple in update 10.4.6.
http://docs.info.apple.com/article.html?artnum=303411";

<URL:http://www.security-protocols.com/sp-x24-advisory.php>

IOW, fixed; a non-issue.


"Apple OS X BOM ArchiveHelper .zip Heap Overflow"

And his own site says:

"Technical Details:
When decompressing specially crafted .zip file, the BOMStackPop ()
function incorrectly parses the malformed data and causes the
application to segmentation fault. "

<URL:http://www.security-protocols.com/sp-x25-advisory.php>

IOW, it causes a crash and the application cannot then run arbitrary
code.


"Apple OS X Safari 2.0.3 Multiple Vulnerabilities"

Again, he only shows that Safari will crash, not that it will allow
execution of arbitrary code.

"Apple OS X 10.4.6 "ReadBMP ()" .bmp Heap Overflow"

He shows it crashes. Nothing more.

"Apple OS X 10.4.6 "CFAllocatorAllocate ()" .gif Heap Overflow"

Ditto.

"Apple OS X 10.4.6 .tiff "_cg_TIFFSetField ()" DoS"

More of same.

"Apple OS X 10.4.6 .tiff "PredictorVSetField ()" Heap Overflow"

Le meme chose.

So all he's really shown is that heap overflows cause the OS to shut
down the offending application.

Wow. The OS is doing exactly what it is supposed to do.

--
Alan Baker
Vancouver, British Columbia
"If you raise the ceiling 4 feet, move the fireplace from that wall
to that wall, you'll still only get the full stereophonic effect
if you sit in the bottom of that cupboard."
.

Relevant Pages

  • [Full-disclosure] iDefense Security Advisory 06.11.09: Multiple Vendor WebKit Error Handling Use
    ... iDefense Security Advisory 06.08.09 ... Apple Inc.'s Safari browser, as well as by Google's Chrome browser. ... The vulnerability occurs when JavaScript code is used to set a certain ...
    (Full-Disclosure)
  • [Full-disclosure] Hijacking Safari 4 Top Sites with Phish Bombs
    ... Platforms affected - Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X ... Safari is a web browser developed by Apple Inc. ... different sites that the attacker wants to add in your Top Sites list. ...
    (Full-Disclosure)
  • Hijacking Safari 4 Top Sites with Phish Bombs
    ... Platforms affected - Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X ... Safari is a web browser developed by Apple Inc. ... different sites that the attacker wants to add in your Top Sites list. ...
    (Bugtraq)
  • Safari Bling
    ... of Safari 4, the company's latest version of their WebKit browser. ... Let me explain where it went wrong for Apple. ... it had the tabs in a different place ...
    (comp.sys.mac.apps)
  • Apple-Google collaboration
    ... Apple Computer's partnership with Internet search giant Google may ... provide some new enhancements to Apple's Safari web browser with next ... Previous reports have also suggested that Apple in Leopard would extend ... Jobs highlighted 10 major enhancements due in the release but said the ...
    (comp.sys.mac.advocacy)