Leopard Mail May Include Tiger Security Flaw
Leopard Mail May Include Tiger Security Flaw
by , 9:40 AM EST, November 21st, 2007
Heise Security says Apple's Mail application in Mac OS X 10.5 may include a security flaw that the company previously patched in Mac OS X 10.4. The flaw could allow an attacker to trick Mail users into running an application by disguising it as a JPEG email attachment.
Apple patched the flaw in Tiger's Mail application in March 2006, but somehow it seems the same security hole was reintroduced when Leopard shipped at the end of October.
The security company has developed a demonstration showing the flaw. The demonstration emails a harmless attachment that launches the Terminal application and displays the contents of the current directory.
This potential security flaw appears to impact Leopard users only. Tiger users with current updates installed are not impacted.
Recent TMO Headlines - Updated December 15th
- Sat, 9:00 AM
- Defense Duo Wireless Charger for iPhone, AirPods, and More [Sponsorship]
- Fri, 4:30 PM
- Maybe There's Room in Apple's Lineup for a New Mac Model
- Fri, 3:19 PM
- I Love AirPods Pro (Part I)
- Fri, 2:38 PM
- How Social Media Warps Democracy
- Fri, 2:24 PM
- Monitor Your Eyesight Right at Home with This Automated Vision Tracking Device: $50.99
- Fri, 2:22 PM
- Cellebrite Now Uses iOS Exploit Checkm8
- Fri, 2:15 PM
- U.S - China Trade Deal Could Stop $150 iPhone Price Increase
- Fri, 2:08 PM
- New Zealanders Can Finally Use a Cellular Apple Watch
- Fri, 2:05 PM
- Spectre Camera Adds New Depth to My Photos
- Fri, 1:48 PM
- Apple Podcasts via Alexa, OS Updates– TMO Daily Observations 2019-12-13
- Fri, 1:40 PM
- Two Weeks With the New Mac Pro
- Fri, 1:32 PM
- Apple Offers Free Color DNA Tests to Employees
