Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code executionThe update is available for all users who have the latest version of either Leopard or Snow Leopard installed on Mac OS X Server 10.5, Mac OS X 10.5.8, Mac OS X Server 10.6, or Mac OS X 10.6.4 .
Description: A stack buffer overlow exists in Apple Type Services’ handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved bounds checking.
0 comments:
Post a Comment