New iOS Jail Break Stokes Fears of Drive By Attacks

The clock is ticking for Apple to issue a patch for the iOS operating system that powers iPhones, iPods and iPads following the release of a remote exploit that uses specially crafted PDF files to defeat iOS’s content protection mechanisms and “jailbreak” mobile devices like the iPhone and iPad...

[CORE-2010-0825] Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch 1. Advisory Information Title: Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch Advisory Id: CORE-2010-08...

Apple Fixes 13 Bugs in Major OS X Patch Release

Apple released a patch Tuesday that fixes more than a dozen bugs, including a critical remote code-execution flaw in Apple Type Services. The patch release also includes a fix for a flaw in CFNetwork that enabled an attacker to intercept user credentials and other sensitive data silently on a...

Apple Mac OS X CoreFoundation CFPlugIn facilities automatically load plug-in executables

Overview There is a vulnerability in the Mac OS X CoreFoundation framework that could allow a local attacker to gain elevated privileges. Description The Core Foundation framework CoreFoundation.framework is designed to allow code and data sharing between frameworks, libraries, and applications i...

Apple Safari fails to properly handle form data in HTTP redirects

Overview There is a vulnerability in the way Safari handles form data that may expose sensitive information when the forward/backward buttons are used. Description Apple Safari is a web browser available for the Mac OS X operating system. A vulnerability exists in the way Safari handles web form...

Apple Mac OS X Point-to-Point Protocol daemon (pppd) contains format string vulnerability

Overview Apple Mac OS X Point-to-Point Protocol daemon contains a format string vulnerability in the handling of invalid command line arguments. Description The Point-to-Point Protocol PPP provides a method for transmitting datagrams over serial point-to-point links. There is a format string...

screenapple.txt

Hi all, three days ago i discovered a security issue, with the last MacOSX. there is a way to crash the screensaver locked with password and gain the desktop. how? - you ask. i don't know the exact amount of characters, only that if you leave a key pressed for 5 minutes or more and then hit the...

[Full-Disclosure] MacOSX - crash screensaver locked with password and get the desktop back

Hi all, three days ago i discovered a security issue, with the last MacOSX. there is a way to crash the screensaver locked with password and gain the desktop. how? - you ask. i don't know the exact amount of characters, only that if you leave a key pressed for 5 minutes or more and then hit the...