Security Update 2009-003 / Mac OS X v10.5.8
Details of these will be posted here soon:
http://support.apple.com/kb/HT1222
Updates can be obtained here:
http://www.apple.com/support/downloads/
bzip2 CVE-ID: CVE-2008-1372
Application termination.
CFNetwork CVE-ID: CVE-2009-1723
Incorrect URL displayed after a redirect.
ColorSync CVE-ID: CVE-2009-1726
Arbitrary code execution or application termination.
CoreTypes CVE-ID: CVE-2009-1727
Risk of execution of malicious JavaScript.
CoreTypes CVE-ID: CVE-2009-1727
Physical access may allow application management while system is locked via the screen saver.
Image RAW CVE-ID: CVE-2009-1728
Arbitrary code execution or Application termination.
ImageIO CVE-ID: CVE-2009-1722, CVE-2009-1721, CVE-2009-1720, CVE-2009-2188
Arbitrary code execution or Application termination.
Kernel CVE-ID: CVE-2009-1235
Local privilege escalation.
launchd CVE-ID: CVE-2009-2190
DOS
Login Window CVE-ID: CVE-2009-2191
Arbitrary code execution or Application termination.
MobileMe CVE-ID: CVE-2009-2192
Local credential reuse after signing out.
Networking CVE-ID: CVE-2009-2193
Arbitrary code execution or Application termination.
Networking CVE-ID: CVE-2009-2194
DOS
XQuery CVE-ID: CVE-2008-0674
Arbitrary code execution.
Comments