Researcher Posts Proof of Concept Exploit Code for Mac OS X Vulnerability
The vulnerability has to do with a potential buffer overflow error in the use of the "strtod" function Mac OS X's underlying Unix code. Since the flaw can be exploited by a remote attacker, SecurityReason considers the vulnerability's risk as "high."
FreeBSD, NetBSD, Google and Mozilla have already addressed the vulnerability, which was first discovered last June by researcher Maksymilian Arciemowicz. However, Apple has yet to update its software.