About Security Update 2010-005

This document describes Security Update 2010-005.

This article has been archived and is no longer updated by Apple.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see "Apple Security Updates".

Security Update 2010-005

  • ATS

    CVE-ID: CVE-2010-1808

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution

    Description: A stack buffer overlow exists in Apple Type Services' handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved bounds checking.

  • CFNetwork

    CVE-ID: CVE-2010-1800

    Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information

    Description: CFNetwork permits anonymous TLS/SSL connections. This may allow a man-in-the-middle attacker to redirect connections and intercept user credentials or other sensitive information. This issue does not affect the Mail application. This issue is addressed by disabling anonymous TLS/SSL connections. This issue does not affect systems prior to Mac OS X v10.6.3. Credit  to Aaron Sigel of vtty.com, Jean-Luc Giraud of Citrix, Tomas Bjurman of Sirius IT, and Wan-Teh Chang of Google, Inc. for reporting this issue.

  • ClamAV

    CVE-ID: CVE-2010-0098, CVE-2010-1311

    Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6.4

    Impact: Multiple vulnerabilities in ClamAV

    Description: Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.96.1. ClamAV is distributed only with Mac OS X Server systems. Further information is available via the ClamAV website at http://www.clamav.net/

  • CoreGraphics

    CVE-ID: CVE-2010-1801

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution

    Description: A heap buffer overflow exists in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Rodrigo Rubira Branco from the Check Point Vulnerability Discovery Team (VDT) for reporting this issue.

  • libsecurity

    CVE-ID: CVE-2010-1802

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: An attacker in a privileged network position who can obtain a domain name that differs only in the last characters from the name of a legitimate domain may impersonate hosts in that domain

    Description: An issue exists in the handling of certificate host names. For host names containing three or more components, the last characters are not properly compared. In the case of a name containing exactly three components, only the last character is not checked. For example, if an attacker in a privileged network position could obtain a certificate for www.example.con the attacker can impersonate www.example.com. This issue is addressed through improved handling of certificate host names. Credit to Peter Speck for reporting this issue.

  • PHP

    CVE-ID: CVE-2010-1205

    Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: Loading a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow exists in PHP's libpng library. Loading a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by updating libpng within PHP to version 1.4.3. This issue does not affect systems prior to Mac OS X v10.6.

  • PHP

    CVE-ID: CVE-2010-1129, CVE-2010-0397, CVE-2010-2225, CVE-2010-2484

    Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: Multiple vulnerabilities in PHP 5.3.1

    Description: PHP is updated to version 5.3.2 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at http://www.php.net/

  • Samba

    CVE-ID: CVE-2010-2063

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4, Mac OS X Server v10.6.4

    Impact: An unauthenticated remote attacker may cause a denial of service or arbitrary code execution

    Description: A buffer overflow exists in Samba. An unauthenticated remote attacker may cause a denial of service or arbitrary code execution by sending a maliciously crafted packet. This issue is addressed by performing additional validation of packets in Samba.

Important: Mention of third-party websites and products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the selection, performance or use of information or products found at third-party websites. Apple provides this only as a convenience to our users. Apple has not tested the information found on these sites and makes no representations regarding its accuracy or reliability. There are risks inherent in the use of any information or products found on the Internet, and Apple assumes no responsibility in this regard. Please understand that a third-party site is independent from Apple and that Apple has no control over the content on that website. Please contact the vendor for additional information.
Last Modified:
Helpful?

Additional Product Support Information

Start a Discussion

in Apple Support Communities
See all questions on this article See all questions I have asked
United States (English)