Apple Mac OS X Finder fails to properly handle malformed .DS_Store files

2006-11-29T00:00:00
ID VU:258744
Type cert
Reporter CERT
Modified 2006-11-30T00:00:00

Description

Overview

Apple Finder fails to properly handle malformed .DS_Store files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.

Description

.DS_Store files are hidden files used by Apple Finder to control the display of a folder and its contents.

According to Apple Security Advisory 2006-007:

_A heap buffer overflow may be triggered when the Finder is used to browse a directory containing a corrupt ".DS_Store" file. By enticing a user to browse a directory containing a maliciously-crafted ".DS_Store" file, an attacker may be able to trigger the overflow. This could lead to an application crash or arbitrary code execution with the privileges of the user running Finder. ".DS_Store" files may be included in archives, on disk images, and on network file systems. _


Impact

A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user running Apple Finder.


Solution

Apply Apple Updates