Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability

ID ZDI-10-039
Type zdi
Reporter Brian Mastenbrook
Modified 2010-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file.

The specific flaw exists in the handling of internet enabled disk image files. When a specially crafted Menu Extras plugin is included in the disk image, it is executed without further interaction allowing for arbitrary code execution under the context of the current user.