The French Security Incident Response Team (FrSIRT) issued a report on Tuesday claiming a potential security risk has been found in Mac OS X. The security flaw takes advantage of a memory corruption error in the com.apple.AppleDiskImageController file when dealing with corrupt disk images. In theory, a remote attacker could execute commands through Safari by embedding them in a malicious Web page.
FrSIRT claims that this vulnerability affects Mac OS X 10.4.8 and earlier, and that Apple has not yet patched the flaw. Users can protect themselves, however, by disabling Safariis Open "safe" files after downloading option in the applicationis preferences.
 Uncheck Safariis Open "safe" files option. |
|---|
There are no known reports of this potential exploit being used.