Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities
BID:30488
Info
Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities
| Bugtraq ID: | 30488 |
| Class: | Unknown |
| CVE: |
CVE-2008-2321 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 31 2008 12:00AM |
| Updated: | Jun 11 2009 10:09PM |
| Credit: | Michal Zalewski |
| Vulnerable: |
Apple Safari 3.2.3 for Windows Apple Safari 3.2.2 for Windows Apple Safari 3.1.2 for Windows Apple Safari 3.1.1 for Windows Apple Safari 3.0.4 Beta for Windows Apple Safari 3.0.3 Beta for Windows Apple Safari 3.0.2 Beta for Windows Apple Safari 3.0.1 Beta for Windows Apple Safari 3.1 for Windows Apple Safari 3 Beta for Windows Apple Mac OS X Server 10.5.4 Apple Mac OS X Server 10.5.3 Apple Mac OS X Server 10.5.2 Apple Mac OS X Server 10.5.1 Apple Mac OS X Server 10.4.11 Apple Mac OS X Server 10.4.10 Apple Mac OS X Server 10.4.9 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.5 Apple Mac OS X 10.5.4 Apple Mac OS X 10.5.3 Apple Mac OS X 10.5.2 Apple Mac OS X 10.5.1 Apple Mac OS X 10.4.11 Apple Mac OS X 10.4.10 Apple Mac OS X 10.4.9 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.5 Apple iPod Touch 2.0.2 Apple iPod Touch 2.0.1 Apple iPod Touch 1.1.4 Apple iPod Touch 1.1.3 Apple iPod Touch 1.1.2 Apple iPod Touch 1.1.1 Apple iPod Touch 2.1 Apple iPod Touch 2.0 Apple iPod Touch 1.1 Apple iPhone 2.0.2 Apple iPhone 2.0.1 Apple iPhone 1.1.4 Apple iPhone 1.1.3 Apple iPhone 1.1.2 Apple iPhone 1.1.1 Apple iPhone 1.0.2 Apple iPhone 1.0.1 Apple iPhone 2.1 Apple iPhone 2.0 Apple iPhone 1.1 Apple iPhone 1 |
| Not Vulnerable: |
Apple Safari 4 for Windows Apple iPod Touch 2.2 Apple iPhone 2.2 |
Discussion
Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities
Apple Mac OS X is prone to multiple memory-corruption vulnerabilities that affect the CoreGraphics component.
Attackers can exploit these issues to execute arbitrary code in the context of the affected application or cause denial-of-service conditions.
The following versions are affected:
Mac OS X v10.4.11 and prior
Mac OS X Server v10.4.11 and prior
Mac OS X v10.5.4 and prior
Mac OS X Server v10.5.4 and prior
NOTE: These issues were previously covered in BID 30483 (Apple Mac OS X 2008-005 Multiple Security Vulnerabilities), but have been given their own record to better document them.
Apple Mac OS X is prone to multiple memory-corruption vulnerabilities that affect the CoreGraphics component.
Attackers can exploit these issues to execute arbitrary code in the context of the affected application or cause denial-of-service conditions.
The following versions are affected:
Mac OS X v10.4.11 and prior
Mac OS X Server v10.4.11 and prior
Mac OS X v10.5.4 and prior
Mac OS X Server v10.5.4 and prior
NOTE: These issues were previously covered in BID 30483 (Apple Mac OS X 2008-005 Multiple Security Vulnerabilities), but have been given their own record to better document them.
Exploit / POC
Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities
The following proof of concept is available:
The following proof of concept is available:
Solution / Fix
Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities
Solution:
The vendor has released an advisory and updates. Please see the referenced advisory for details.
Apple Safari 3 Beta for Windows
Apple Safari 3.1 for Windows
Apple Mac OS X 10.5.4
Apple Mac OS X Server 10.5.4
Apple Safari 3.0.1 Beta for Windows
Apple Safari 3.0.2 Beta for Windows
Apple Safari 3.0.4 Beta for Windows
Apple Safari 3.1.1 for Windows
Apple Safari 3.1.2 for Windows
Apple Safari 3.2.2 for Windows
Apple Safari 3.2.3 for Windows
Solution:
The vendor has released an advisory and updates. Please see the referenced advisory for details.
Apple Safari 3 Beta for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Safari 3.1 for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Mac OS X 10.5.4
-
Apple SecUpd2008-005.dmg
For Mac OS X v10.5.4 and Mac OS X Server 10.5.4
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=20388&cat= 1&platform=osx&method=sa/SecUpd2008-005.dmg
Apple Mac OS X Server 10.5.4
-
Apple SecUpd2008-005.dmg
For Mac OS X v10.5.4 and Mac OS X Server 10.5.4
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=20388&cat= 1&platform=osx&method=sa/SecUpd2008-005.dmg
Apple Safari 3.0.1 Beta for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Safari 3.0.2 Beta for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Safari 3.0.4 Beta for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Safari 3.1.1 for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Safari 3.1.2 for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Safari 3.2.2 for Windows
-
Apple SafariQuickTimeSetup.exe
Safari+QuickTime for Windows XP or Vista
http://www.apple.com/safari/download/ -
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
Apple Safari 3.2.3 for Windows
-
Apple SafariSetup.exe
Safari4
http://www.apple.com/safari/download/
References
Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities
References:
References:
- Mac OS X Homepage (Apple)
- catching up on several recently fixed bugs of note (Michal Zalewski
- About the security content of iPhone OS 2.2 and iPhone OS for iPod touch 2.2 (Apple)