|
1. Been infected with spyware? Tell us about your problem. 2. Protect your PC from viruses, spyware. 3. For fast automatic spyware removal, try CounterSpy, SUPERAntiSpyware |
Mac OS X File Association Meta Data Shell Script Execution
Michael Lehn has discovered a vulnerability in Mac OS X, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to an error in the processing of file association meta data in ZIP archives (stored in the “__MACOSX” folder) and mail messages (defined via the AppleDouble MIME format). This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive or in a mail attachment.
This can also be exploited automatically via the Safari browser when visiting a malicious web site.
Secunia has constructed a test, which can be used to check if your system is affected by this issue.
February 23, 2006 on 12:41 am | In Exploits & Vulnerabilities | |Submit to: Digg | SlashDot | Del.icio.us
No Comments yet »
RSS feed for comments on this post. TrackBack URI
Leave a comment
MY ANTI SPYWARE Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds.
Valid XHTML and CSS. ^Top^









