/dev/everything |
November 22, 2007

This one is unpatched as of this point. This was discovered by Heise Security.

From Secunia:

Description:
A vulnerability has been reported in Apple Mail, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to an error in the handling of unsafe file types in email attachments. This can be exploited via a specially crafted email containing an attachment of an ostensibly safe file type (e.g. “.jpg”) to execute arbitrary shell commands when the attachment is double-clicked.

This is related to vulnerability #8 in:
SA19064

The vulnerability is reported in Apple Mail included in Apple Mac OS X 10.5 (Leopard).

Solution:
Do not open attachments from untrusted sources.

Article Link

[tags]Apple Mail vulnerability, Apple Mail Command Execution, Apple Mail Exploit[/tags]

Related posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.