Apple Mac OS X UDTO HFS+ Denial of Service Vulnerability

LMH has reported a vulnerability in Mac OS X that can potentially be exploited by malicious people to cause a DoS (Denial of Service).


The vulnerability is caused by errors in the handling of UDTO HFS+ image structures and can be exploited to cause a system panic.


NOTE: This is only remotely exploitable via the Safari web browser when the “opening safe files after downloading” option is enabled.


The vulnerability is reported in a fully patched Mac OS X (2006-11-21). Other versions may also be affected.


Solution: Disable the “opening safe files after downloading” option. Grant only trusted users


http://secunia.com/advisories/23062/
