Intrusion Prevention

Apple.iChat.aim.URL.Handler.Format.String

Description

This indicates an attack attempt against format string vulnerability in Apple iChat.
The vulnerability is caused by an error when handling an "aim://" URI with a specially crafted argument, which could be exploited by attackers to crash a vulnerable application or potentially compromise an affected system by enticing users into visiting a specially crafted web page.

Affected Products

Apple Mac OS X version 10.3.9 and prior.
Apple Mac OS X Server version 10.3.9 and prior.
Apple Mac OS X version 10.4.8 and prior.
Apple Mac OS X Server version 10.4.8 and prior.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
Security Update 2007-002 (Universal):
http://www.apple.com/support/downloads/securityupdate2007002universal.html
Security Update 2007-002 (PPC):
http://www.apple.com/support/downloads/securityupdate2007002ppc.html
Security Update 2007-002 (Panther):
http://www.apple.com/support/downloads/securityupdate2007002panther.html

CVE References

CVE-2007-0021