Intrusion Prevention

Apple.macOS.Mail.Attachment.Name.Buffer.Overflow

Description

It indicates a possible exploit of a buffer overflow vulnerability, in the Mail program in Apple Mac OS X, that may allow remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format.

Affected Products

Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4

Impact

Privilege escalation.

Recommended Actions

Apply patch,available from the web site.
Apple Mac OS X Server 10.4.5
* Apple SecUpd2006-002Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09965&cat= 1&platform=osx&method=sa/SecUpd2006-002Intel.dmg
* Apple SecUpd2006-002Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09964&cat= 1&platform=osx&method=sa/SecUpd2006-002Ti.dmg
Apple Mac OS X 10.4.5
* Apple SecUpd2006-002Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09965&cat= 1&platform=osx&method=sa/SecUpd2006-002Intel.dmg
* Apple SecUpd2006-002Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09964&cat= 1&platform=osx&method=sa/SecUpd2006-002Ti.dmg

CVE References

CVE-2006-0396