Leopard Mail May Include Tiger Security Flaw
Leopard Mail May Include Tiger Security Flaw
by , 9:40 AM EST, November 21st, 2007
Heise Security says Apple's Mail application in Mac OS X 10.5 may include a security flaw that the company previously patched in Mac OS X 10.4. The flaw could allow an attacker to trick Mail users into running an application by disguising it as a JPEG email attachment.
Apple patched the flaw in Tiger's Mail application in March 2006, but somehow it seems the same security hole was reintroduced when Leopard shipped at the end of October.
The security company has developed a demonstration showing the flaw. The demonstration emails a harmless attachment that launches the Terminal application and displays the contents of the current directory.
This potential security flaw appears to impact Leopard users only. Tiger users with current updates installed are not impacted.
Recent TMO Headlines - Updated September 29th
- Mon, 5:30 PM
- Astrogator and CEO Mike Loucks - BGM Interview
- Mon, 5:26 PM
- Federal Judge Halts TikTok Ban From United States
- Mon, 4:58 PM
- Plot Twist: Apple Also Has to Follow Google Play Store Rules
- Mon, 3:58 PM
- Can iOS 14 Widgets Steal Your Keyboard Info?
- Mon, 1:39 PM
- MacBook Air's Numbered Days – TMO Daily Observations 2020-09-28
- Mon, 12:45 PM
- ‘Billie Eilish: The World’s A Little Blurry’ Arrives on Apple TV in 2021
- Mon, 10:45 AM
- Roku OS 9.4 Adds Support for HomeKit, AirPlay 2
- Mon, 9:55 AM
- Put Sticky Notes on Your Home Screen With ‘Sticky Widgets’
- Mon, 9:33 AM
- EU to Appeal Apple-Ireland Tax Judgement
- Mon, 8:16 AM
- Fitness+: Can Apple See Off Big-Name Rivals?
- Mon, 8:03 AM
- Windows XP Had a Very Mac-like Unused Theme
- Mon, 7:44 AM
- England Fixes COVID-19 App Issue
