Apple has released Security Update 2010-005 for Macs running Mac OS X 10.5 Leopard and 10.6 Snow Leopard.
Security issues addressed in this update are:
â€¢ ATS: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution
â€¢ CFNetwork: An attacker with a privileged network position may intercept user credentials or other sensitive information
â€¢ ClamAV: Multiple vulnerabilities in ClamAV
â€¢ CoreGraphics: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
â€¢ libsecurity: An attacker in a privileged network position who can obtain a domain name that differs only in the last characters from the name of a legitimate domain may impersonate hosts in that domain
â€¢ PHP: Loading a maliciously crafted PNG image may lead to an unexpected application termination or arbitary code execution and Multiple vulnerabilities in PHP 5.3.1
â€¢ Samba: An unauthenticated remote attacker may cause a denial of service or arbitrary code execution
For more information about this security update please read: About Security Update 2010-005.
This update is available form the Software Update Utility or from Apple’s website:
Arabic version of this post on SaudiMac Arabic Edition.