"Mac OS X is the latest version of the Mac OS, the operating system software for Macintosh computers. It consists of two main parts: Darwin, an open source UNIX-like environment which is based on the BSD source tree and the Mach microkernel, adapted and further developed by Apple Computer with involvement from independent developers; and a proprietary GUI named Aqua, developed by Apple."
The combination of Safari and Dashboard in Mac OS X is vulnerable to arbitrary widget injection: a web page can cause a Dashboard widget to be downloaded and installed without the user's consent. Exploiting this flaw may lead to arbitrary code execution with the privileges of the logged-in user and could allow a remote attacker to gain control over the system.
Credit:
The original articles can be found at: http://stephan.com/widgets/zaptastic/, http://www1.cs.columbia.edu/~aaron/files/widgets/ and http://www.osvdb.org/16499
Vulnerable Systems:
* Mac OS X version 10.4
Immune Systems:
* Mac OS X version 10.4.1 or newer
Dashboard, in combination with Safari, contains a flaw that allows a remote attacker to install arbitrary widgets. The issue is only triggered when Safari's 'Open "safe" files after downloading' option is enabled, which is the default setting. A remote attacker can craft a web page whose embedded META tag causes Safari to download a malicious widget; because widget bundles are treated as "safe" files, Safari opens the download automatically and the widget is installed under /Library/Widgets or ~/Library/Widgets without any user intervention, resulting in a loss of integrity.
Workaround:
Disable the 'Open "safe" files after downloading' option in Safari (Preferences > General), or upgrade to Mac OS X 10.4.1 or newer. Also check the two widget directories above for widgets you did not install yourself.
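As an added example (not code from the original advisory or from Apple), the following shell script checks the two things a practitioner would want to verify on a Mac OS X 10.4 system: whether the Safari option that triggers the flaw is still on, and whether either widget directory contains a widget that did not come from Apple. It assumes, as my own assumptions rather than facts stated by the advisory, that Safari stores the checkbox as the boolean key AutoOpenSafeDownloads in the com.apple.Safari preference domain, and that each installed widget is a .wdgt bundle with an XML Info.plist whose CFBundleIdentifier starts with com.apple. for Apple's own widgets.

```shell
#!/bin/sh
# Added example, not code from the original advisory or from Apple: a small
# audit script for the Safari/Dashboard widget auto-install issue above.
# Assumptions (mine): Safari keeps the 'Open "safe" files after downloading'
# checkbox in the com.apple.Safari preference domain under the boolean key
# AutoOpenSafeDownloads, and each installed widget is a .wdgt bundle with an
# XML Info.plist carrying a CFBundleIdentifier (Apple's start with com.apple.).

# Extract CFBundleIdentifier from the XML Info.plist of a widget bundle.
# Returns 1 when the bundle has no Info.plist at all.
widget_id() {
    plist="$1/Info.plist"
    [ -f "$plist" ] || return 1
    # Join the file into one line so the <key>/<string> pair may span lines.
    tr -d '\n' < "$plist" |
        sed -n 's|.*<key>CFBundleIdentifier</key>[[:space:]]*<string>\([^<]*\)</string>.*|\1|p'
}

# Print "<bundle path><TAB><identifier>" for every .wdgt in DIR whose
# identifier is missing or not under com.apple. Third-party widgets are not
# necessarily malicious, but on a machine that should only carry Apple's
# widgets, every line printed here is something that arrived from outside.
suspicious_widgets() {
    dir="$1"
    [ -d "$dir" ] || return 0
    for w in "$dir"/*.wdgt; do
        [ -d "$w" ] || continue           # no match: the glob stays literal
        id=$(widget_id "$w") || id="(no Info.plist)"
        [ -n "$id" ] || id="(no CFBundleIdentifier)"
        case "$id" in
            com.apple.*) ;;
            *) printf '%s\t%s\n' "$w" "$id" ;;
        esac
    done
}

# Return 0 if Safari's auto-open option is off, 1 if it is on (an unset key
# means the factory default, which is on), 2 if defaults(1) is not available
# because this is not a Mac OS X host.
safari_auto_open_disabled() {
    command -v defaults >/dev/null 2>&1 || return 2
    v=$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null)
    case "$v" in
        0|false|NO|no) return 0 ;;
        *)             return 1 ;;
    esac
}

# Stand-alone run: report the Safari setting, then audit both widget
# directories named in the advisory.
rc=0
safari_auto_open_disabled || rc=$?
case $rc in
    0) echo "Safari: auto-open of 'safe' downloads is off" ;;
    1) echo "Safari: auto-open of 'safe' downloads is ON; turn it off with:"
       echo "  defaults write com.apple.Safari AutoOpenSafeDownloads -bool false" ;;
    *) echo "Safari: defaults(1) not found, not running on Mac OS X; skipping" ;;
esac
for d in "$HOME/Library/Widgets" /Library/Widgets; do
    suspicious_widgets "$d"
done
```

The widget check deliberately does not try to decide whether a third-party widget is malicious, since in 10.4 there is no signature to verify; it only narrows the list to bundles that did not ship with the system, so the remaining entries can be compared against what the user remembers installing and against the directory's modification times.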