Contribute  :  Web Resources  :  Past Polls  :  Calendar  :  Advanced Search  :  Site Statistics  :  Software Sales  :  Downloads  
    macweb.ciu10.org CIU10 IT Forum    
advanced search  
Sections
Home
General News (81/0)
Mac OS X (73/0)
Mac OS X Server (3/0)
Mac OS X Security (46/0)
TIG Group (21/0)
Linux (12/0)
eGoals (32/0)
Windows (49/0)
Classic OS 9 (1/0)
Software Archive (3/0)
User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User
Subscribe
XML Graphic XML / RDF Feed
Firefox?
Get Firefox
Older Stories
Tuesday 23-Jan
Friday 15-Dec
Wednesday 29-Nov
Thursday 02-Nov
Wednesday 25-Oct
Friday 20-Oct
Wednesday 27-Sep
Tuesday 12-Sep
 Welcome to macweb.ciu10.org
 Thursday, September 09 2010 @ 06:17 AM EDT

APPLE-SA-2008-11-10 iLife Support 8.3.1

    
Tuesday, November 11 2008 @ 09:07 AM EST
Contributed by: macboy
Views: 1454

Mac OS X SecurityiLife Support 8.3.1 is now available and addresses the following security issues:

ImageIO
CVE-ID:  CVE-2008-2327
Available for:  iLife 8.0 or Aperture 2, on Mac OS v10.4.9 through v10.4.11
Impact:  Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Description:  Multiple uninitialized memory access issues exist in libTIFF's handling of LZW-encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through proper memory initialization and additional validation of TIFF images. These issues are already addressed in systems running Mac OS X v10.5.5. Credit: Apple.

ImageIO
CVE-ID:  CVE-2008-2332
Available for:  iLife 8.0 or Aperture 2, on Mac OS v10.4.9 through v10.4.11
Impact:  Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Description:  A memory corruption issue exits in the handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved processing of TIFF images. This issue is already addressed in systems running Mac OS X v10.5.5. Credit to Robert Swiecki of Google Security Team for reporting this issue.

ImageIO
CVE-ID:  CVE-2008-3608
Available for:  iLife 8.0 or Aperture 2, on Mac OS v10.4.9 through v10.4.11
Impact:  Viewing a large maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution
Description:  A memory corruption issue exists in ImageIO's handling of embedded ICC profiles in JPEG images. Viewing a large maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved processing of ICC profiles. This issue is already addressed in systems running Mac OS X v10.5.5. Credit: Apple.

iLife Support 8.3.1 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

The download file is named: "iLifeSupport.dmg"
Its SHA-1 digest is: 2911f4608c3c69eb8056a5bf6d5186a4f403517d

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
What's Related

Story Options

 Copyright © 2010 macweb.ciu10.org
 All trademarks and copyrights on this page are owned by their respective owners.		 Powered By Geeklog 
Created this page in 0.53 seconds