exploits , vulnerabilities , articles , Security Hole in Mac OS X Also Affects Apple Mail

2006-02-22

Security Hole in Mac OS X Also Affects Apple Mail

The weak point in Apple's Mac OS X operating system is apparently worse than originally thought. In addition to attacks via the Safari web browser, Apple Mail also executes scripts without asking in certain circumstances. It suffices to disguise a script with the ending "jpg" and assign the Terminal application for opening it. If this script is then sent in the AppleDouble format as an attachment, the information is passed along so that the recipient's system also opens it with the Terminal. Apple Mail displays the attachment with a JPG file symbol, but when users click on it, the script executes within Terminal without further prompting. Update: Heise is right.

News - newest 10 RSS | More

2008-06-27 33641 Hits The A-Z of Programming Languages: C++
2008-06-27 20201 Hits Nvidia Reiterates Position on Closed Source Driver
2008-06-27 14359 Hits Comparing Browsers' Memory Usage
2008-06-27 11474 Hits In Defense of Reading the [Fine] Manual
2008-06-27 12287 Hits Dear Microsoft, Thanks for the Help, Linux
2008-06-27 11587 Hits Will the Internet Really Improve the Way We Think?
2008-06-27 12069 Hits Full Text: an Epic Bill Gates e-Mail Rant
2008-06-27 13491 Hits Does Open Java Matter?
2008-06-27 11100 Hits Ten Fantastic Keyboard Shortcuts in OpenOffice.org
2008-06-27 11626 Hits LiPS and LiMo Mobile Linux Groups Join Forces