Creative Software AutoUpdate Engine ActiveX stack buffer overflow
Reader Mark wrote in with a bit of intel about a Stack Based Buffer Overflow for Creative Software's AutoUpdate Engine through ActiveX.
Thanks to Mark and eEye who provided the vulnerability information here.
CLSID (Killbit) for this one is: 0A5FD7C5-A45C-49FC-ADB5-9952547D5715
For more information than you can stand about Killbits and how to set them check out a Google search of our own site.
--
Joel Esler
Apple Update 10.5.3 and Apple Security Update 2008-003
Apple released a huge update today in 10.5.3, however, I'm only going to highlight the Security Portion of the update, 2008-003. Some of these are purely Apple updates, some are simply updates to the Open Source packages that Apple provides in it's Operating System.
Updates to the following modules were made:
AFP Server -- Files that are not designated for sharing may be accessed remotely.
Apache -- Multiple vulnerabilities in Apache 2.0.55, including cross-site scripting. Apache is updated to version 2.0.63 to address several vulnerabilities.
AppKit -- Maliciously crafted file, unexpected application termination, arbitrary code execution.
Apple Pixlet Video -- Vulnerability to unexpected application termination, arbitrary code execution.
ATS -- Vulnerability to arbitrary code execution
CFNetwork -- Vulnerability leading to disclosure of sensitive information
CoreFoundation -- Vulnerability leading to unexpected application termination or arbitrary code execution.
CoreGraphics -- Vulnerability that may lead to an unexpected application termination or arbitrary code execution.
CoreTypes -- Lack of prompting against opening "certain potentially unsafe content types" in Automator, Help, Safari, and Terminal.
CUPS -- Information disclosure.
Flash Player Plug-in -- Arbitrary code execution, Updating to version 9.0.124.0.
Help Viewer -- Vulnerability to application termination or arbitrary code execution.
iCal -- Vulnerability to unexpected application termination or arbitrary code execution.
International Components for Unicode -- Disclosure of sensitive information.
Image Capture -- Path traversal vulnerability.
ImageIO -- Out-of-bounds memory read leading to information disclosure, Multiple vulnerabilities in libpng version 1.2.18, and Vulnerability to unexpected application termination or arbitrary code execution.
Kernel -- Remote vulnerability to unexpected system shutdown due to undetected failure condition and Local user vulnerability to unexpected system shutdown due to mishandling of code signatures.
LoginWindow -- Race condition preventing MCX preferences being applied
Mail -- IPv6 vulnerability leading to unexpected application termination, information disclosure, or arbitrary code execution.
ruby -- Remote vulnerability, updated to version 1.1.4
Single Sign-On -- Password disclosure in sso_util
Wiki Server -- Remote vulnerability to information disclosure
Happy patching all! I've upgraded three systems here, and I've had no problems that I can tell so far.
--
Joel Esler
Comments