Security Update 2009-003 / Mac OS X v10.5.8

Published: 2009-08-05
Last Updated: 2009-08-05 21:12:43 UTC
by donald smith (Version: 1)
1 comment(s)

Details of these will be posted here soon:

Updates can be obtained here:

bzip2 CVE-ID: CVE-2008-1372
Application termination.

CFNetwork CVE-ID: CVE-2009-1723
Incorrect URL displayed after a redirect.

ColorSync CVE-ID: CVE-2009-1726
Arbitrary code execution or application termination.

CoreTypes CVE-ID: CVE-2009-1727
Risk of execution of malicious JavaScript.

CoreTypes CVE-ID: CVE-2009-1727
Physical access may allow application management while system is locked via the screen saver.

Image RAW CVE-ID: CVE-2009-1728
Arbitrary code execution or Application termination.

ImageIO CVE-ID: CVE-2009-1722, CVE-2009-1721, CVE-2009-1720, CVE-2009-2188
Arbitrary code execution or Application termination.

Kernel CVE-ID: CVE-2009-1235
Local privilege escalation.

launchd CVE-ID: CVE-2009-2190

Login Window CVE-ID: CVE-2009-2191
Arbitrary code execution or Application termination.

MobileMe CVE-ID: CVE-2009-2192
Local credential reuse after signing out.

Networking CVE-ID: CVE-2009-2193
Arbitrary code execution or Application termination.

Networking CVE-ID: CVE-2009-2194

XQuery CVE-ID: CVE-2008-0674
Arbitrary code execution.

Keywords: apple updates
1 comment(s)


I've noted a number of persons, myself included who have issues with the Broadcom BCM43xx wireless in MacBooks after the 10.5.8 update when running on battery (99.9% packet loss). I know, sounds crazy, but if connected to a power source wireless is fine. See:

Diary Archives