Apple has released Security Update 2008-001 and OS X version 10.5.2 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.
Apple Security Update 2008-001 and Apple Mac OS X version 10.5.2 address a number of vulnerabilities affecting Apple Mac OS X and OS X Server versions prior to and including 10.4.11 and 10.5.1. Further details are available in the US-CERT Vulnerability Notes Database.
The update also addresses vulnerabilities in other vendors' products that ship with Apple OS X or OS X Server. These products include Samba and X11.
The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution, sensitive information disclosure, and denial of service.
Install Apple Security Update 2008-001 or Apple Mac OS X version 10.5.2. These and other updates are available via Software Update or via Apple Downloads.
Feedback can be directed to US-CERT.
Produced 2008 by US-CERT, a government organization. Terms of use
Revision History
February 12, 2008: Initial release