Apple Safari Archive Expansion Symbolic Link Target Execution

2006-05-08T00:00:00
ID OSVDB:25598
Type osvdb
Reporter OSVDB
Modified 2006-05-08T00:00:00

Description

Vulnerability Description

Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when an archive file is downloaded while Safari's "Open 'safe' files after downloading" option is enabled and the archive contains a symbolic link; the target of the symbolic link may be moved to the user's desktop and launched. It is possible that the flaw may allow arbitrary code execution, resulting in a loss of integrity.

Solution Description

Install Apple Security Update 2006-003, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


References:

Vendor Specific Advisory URL
Security Tracker: 1016069
Secunia Advisory ID: 20077
Related OSVDB ID: 1005091
Related OSVDB ID: 25590
Related OSVDB ID: 25592
Related OSVDB ID: 25593
Related OSVDB ID: 25583
Related OSVDB ID: 25585
Related OSVDB ID: 25589
Related OSVDB ID: 25596
Related OSVDB ID: 25600
Related OSVDB ID: 25586
Related OSVDB ID: 25588
Related OSVDB ID: 25591
Related OSVDB ID: 25595
Related OSVDB ID: 25597
Related OSVDB ID: 25584
Related OSVDB ID: 25594
Related OSVDB ID: 25599
ISS X-Force ID: 26427
FrSIRT Advisory: ADV-2006-1779
CVE-2006-1457
CERT VU: 519473
CERT: TA06-132A
Bugtraq ID: 17951