Researcher Posts Proof of Concept Exploit Code for Mac OS X Vulnerability

The vulnerability has to do with a potential buffer overflow error in the use of the "strtod" function.

By Kara Reeder | Posted Jan 11, 2010
Page of   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
A security researcher at SecurityReason has posted proof-of-concept code to demonstrate a vulnerability in Apple's Mac OS 10.5 and 10.6 , according to InformationWeek.

The vulnerability has to do with a potential buffer overflow error in the use of the "strtod" function Mac OS X's underlying Unix code. Since the flaw can be exploited by a remote attacker, SecurityReason considers the vulnerability's risk as "high."

FreeBSD, NetBSD, Google and Mozilla have already addressed the vulnerability, which was first discovered last June by researcher Maksymilian Arciemowicz. However, Apple has yet to update its software.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter