Short Name |
HTTP:MISC:APPLE-INSTALLER-FS |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apple Mac OS X Installer Package Filename Format String Vulnerability |
Release Date |
2010/10/01 |
Update Number |
1784 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against the Apple Mac OS X Installer application. By embedding format string characters in a filename, an attacker can cause arbitrary code to be executed on the client host.
Apple Installer is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. A successful attack may crash the application or possibly allow the attacker to execute arbitrary code. This may facilitate unauthorized access or privilege escalation in the context of the user running the application. Apple Installer Version 2.1.5 on Mac OS X 10.4.8 is vulnerable to this issue; other versions may also be affected.