Categories: Computers


A vulnerability has been reported in Apple Mac OS X, which can be
exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to an indexing error in Apple Type
Services within the “TType1ParsingContext::SpecialEncoding()” method
in libFontParser.dylib when parsing embedded fonts. This can be
exploited to corrupt memory e.g. via a specially crafted PDF file
opened in Preview

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in Mac OS X Server 10.5, Mac OS X 10.5,
Mac OS X 10.6, and Mac OS X Server 10.6.

Apply Security Update 2010-003.


Reference: CVE-2010-1120

Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010.

Please follow and like us:
Pin Share