Leopard Mail May Include Tiger Security Flaw
Leopard Mail May Include Tiger Security Flaw
by , 9:40 AM EST, November 21st, 2007
Heise Security says Apple's Mail application in Mac OS X 10.5 may include a security flaw that the company previously patched in Mac OS X 10.4. The flaw could allow an attacker to trick Mail users into running an application by disguising it as a JPEG email attachment.
Apple patched the flaw in Tiger's Mail application in March 2006, but somehow it seems the same security hole was reintroduced when Leopard shipped at the end of October.
The security company has developed a demonstration showing the flaw. The demonstration emails a harmless attachment that launches the Terminal application and displays the contents of the current directory.
This potential security flaw appears to impact Leopard users only. Tiger users with current updates installed are not impacted.
Recent TMO Headlines - Updated January 28th
- Mon, 6:54 PM
- Quick Tips, Sonos, Media, and Megabytes – Mac Geek Gab 799
- Mon, 6:00 PM
- Eclectic Light Company Founder Dr. Howard Oakley - TMO Background Mode Interview
- Mon, 3:49 PM
- FCC Unlocks 3.5GHz Spectrum ‘OnGo’ Band that iPhones 11 Can Use
- Mon, 3:46 PM
- Boost Productivity with this App's Task Timelines, Project Visualization, Daily Planning, and Cross-Links: $25
- Mon, 3:01 PM
- Apple History: Steve Jobs Revealed the iPad 10 Years Ago
- Mon, 2:48 PM
- Imagination CEO Reflects on Renewed Relationship With Apple
- Mon, 2:18 PM
- Sneak Peak of Upcoming Apple TV+ Beastie Boys Documentary
- Mon, 2:11 PM
- Changing Apple Hiring, More Phone Hack Info – TMO Daily Observations 2020-01-27
- Mon, 2:03 PM
- CarPlay Comes to Fiat Chrysler Vehicles With UConnect 5
- Mon, 1:39 PM
- New 'Shot on iPhone' Clip - 'Powder'
- Mon, 1:15 PM
- Leaked Documents Reveal Antivirus Surveillance Industry
- Mon, 11:48 AM
- Apple Partners With Microsoft on Patient Access to Health Data
