News 

Tom Ferris discovered the vulnerabilities, detailed as follows in Secunia Advisory 19686: an error in the "BOMStackPop()" function in the BOMArchiveHelper when decompressing malformed ZIP archives; errors in the "KWQListIteratorImpl()", "drawText()", and "objc_msgSend_rtp()" functions in Safari when processing malformed HTML tags; an error in the "ReadBMP()" function when processing

ADVERTISEMENT

malformed BMP images which can be exploited via, for example, Safari or the Preview application; an error in the "CFAllocatorAllocate()" function when processing malformed GIF images which can be exploited via, for example, Safari when a user visits a malicious website; and errors in the " _cg_TIFFSetField ()" and "PredictorVSetField()" functions when processing malformed TIFF images which can be exploited via, for example, the Preview, Finder, QuickTime, or Safari applications.

The vulnerabilities have been reported in version 10.4.6 although earlier versions may also be affected.

Until Apple releases a fix, OS X users are advised to not visit untrusted websites or open ZIP archives or images originating from untrusted sources.

Ferris says that he reported the bugs to Apple at the beginning of the year and was told that they would be fixed in the next security update. Two updates have been released this year but the problems persist.