Multiple Vulnerabilities in Apple and Adobe Products
Original release date: October 02, 2006
Last revised: --
Source: US-CERT
Systems Affected
- Apple Mac OS X version 10.3.9 and earlier (Panther)
- Apple Mac OS X version 10.4.7 and earlier (Tiger)
- Apple Mac OS X Server version 10.3.9 and earlier
- Apple Mac OS X Server version 10.4.7 and earlier
- Safari web browser
- Adobe Flash Player 8.0.24 and earlier
These vulnerabilities affect both Intel-based and PowerPC-based Apple systems.
Overview
Apple has released Security Update 2006-006 and Mac OS X 10.4.8 Update to correct multiple vulnerabilities affecting Mac OS X, OS X Server, Safari, Adobe Flash Player, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypass of security restrictions and denial of service.
I. Description
Apple has released Security Update 2006-006 to address numerous vulnerabilities affecting Mac OS X, OS X Server, Safari, Adobe Flash Player, and other products.
Further details are available in the individual Vulnerability Notes for Apple Security Update 2006-006.
Apple has also released Mac OS X 10.4.8 Update (Intel) for Intel-based Apple systems. This update addresses the vulnerabilities described in Apple Security Update 2006-006 for Intel-based Apple systems.
This security update also addresses previously known vulnerabilities in Adobe Flash Player. More information on those vulnerabilities can be found in Adobe Security Bulletin APSB06-11 and the Vulnerability Notes for Adobe Security Bulletin APSB06-11.
II. Impact
The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes for Apple Security Update 2006-006. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.
III. Solution
Install updates
Install Apple Security Update 2006-006. This and other updates are available via Apple Update or via Apple Downloads.
Users with Intel-based Apple systems should upgrade to Mac OS X 10.4.8 Update (Intel) to receive the necessary security updates.
IV. References