Languages

Archived - About the security content of the Mac OS X 10.4.1 Update

This article has been archived and is no longer updated by Apple.

This document describes the security content of the Mac OS X 10.4.1 Update, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see "How To Use The Apple Product Security PGP Key."

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see "Apple Security Updates."

Mac OS X 10.4.1 Update

  • Bluetooth

    Available for: Mac OS X v10.4, Mac OS X Server v10.4

    CVE-ID: CAN-2005-1333

    Impact: Directory traversal via Bluetooth file and object exchange

    Description: Due to insufficient input checking, the Bluetooth file and object exchange services could be used to access files outside of the default file exchange directory. This update addresses the issue by adding enhanced filtering for path-delimiting characters. Credit to kf_lists[at]digitalmunition[dot]com for reporting this issue.

  • Dashboard

    CVE-ID: CAN-2005-1474

    Available for: Mac OS X v10.4, Mac OS X Server v10.4

    Impact: Malicious websites can download and install widgets via Safari without the Safe Download Validation warning

    Description: This update blocks the automatic installation of Dashboard widgets. Mac OS X's Safe Download Validation warning is enabled, requiring user approval before a Dashboard widget is installed by Safari. This issue does not affect Mac OS X versions prior to 10.4. Further information on removing Dashboard widgets that you have installed is available here.

  • Kernel

    CVE-ID: CAN-2005-1472

    Available for:Mac OS X v10.4, Mac OS X Server v10.4

    Impact:Users can discover the names of files placed in normally unsearchable places

    Description:Two system calls designed to allow efficient searching of filesystem objects incorrectly checked the permissions on enclosing directories and would reveal the names of files. The incorrect checking only occurred for directories without the POSIX read, but with the POSIX execute bits set for group and other. In practice this issue only affects files stored in users ~/Public/Drop Box. This update addresses the issue by correctly honoring the POSIX permission bits on directories. Credit to John M. Glenn of San Francisco for reporting this issue.

  • Kernel

    Available for: Mac OS X v10.4, Mac OS X Server v10.4

    CVE ID: CAN-2005-0974 CERT: VU#713614

    Impact: Local system users can cause a local denial of service

    Description: A vulnerability in the nfs_mount() call due to insufficient checks on input values could allow unprivileged local users to create a denial of service via a kernel panic.

  • SecurityAgent

    CVE-ID: CAN-2005-1473

    Available for: Mac OS X v10.4, Mac OS X Server v10.4

    Impact: Users with physical access to a system with a locked screensaver can start background applications

    Description: A contextual menu feature in Mac OS X 10.4 allows URLs to be opened from a text input field. This could be used to launch an application behind a locked screensaver window. This update addresses the issue by removing the contextual menu from screensaver text input fields.

Last Modified: Feb 18, 2012
  • Last Modified: Feb 18, 2012
  • Article: TA23244
  • Views:

    1522

Additional Product Support Information