posted on Apr, 20 2005 @ 07:27 PM
Apple computer has issued a patch for its iSync program. The flaw contained therein will allow arbitrary commands to be executed by system users, if
left unpatched. The patch fixes an overflow buffer vulnerabilty in the helper tool mRouter.
apple.com
Available for: iSync 1.5 on Mac OS X v10.2.8 and Mac OS X v10.3.x
CVE-ID: CAN-2005-0193
Impact: A buffer overflow in iSync could lead to local privilege escalation.
Description: The iSync helper tool mRouter contains a buffer overflow vulnerability. This could result in the execution of arbitrary commands as root
by local system users. Security Update 2005-004 fixes this issue by providing a patched version of mRouter. Credit to Braden Thomas for reporting this
issue.
Please visit the link provided for the complete story.
The patch for this flaw can be accessed at the link above. As this flaw is a security risk, it is recommended that the patch be downloaded as soon
as possible.
[edit on 05/4/20 by GradyPhilpott]