Apple Mac OS X UDTO HFS+ Denial of Service Vulnerability

LMH has reported a vulnerability in Mac OS X, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to errors in the handling of UDTO HFS+ image structures and can be exploited to cause a system panic.

NOTE: This is only remotely exploitable via the Safari web browser when the “opening safe files after downloading” option is enabled.

The vulnerability is reported in a fully patched Mac OS X (2006-11-21). Other versions may also be affected.

Solution: Disable the “opening safe files after downloading” option. Grant only trusted users

Leave a Reply