Intrusion Prevention

Apple.Mac.OS.X.Mail.Code.Execution

Description

This indicates an attempt to exploit a Code Execute vulnerability in the Mac OS X Mail.
The vulnerability is due to insufficient input validation when handling a malformed file. As a result, a remote attacker may be able to execute arbitrary code within the context of the application.

Affected Products

Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.3.8
Apple Mac OS X Server 10.3.7
Apple Mac OS X Server 10.3.6
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.3.1
Apple Mac OS X Server 10.3
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple Mac OS X 10.3.9
Apple Mac OS X 10.3.8
Apple Mac OS X 10.3.7
Apple Mac OS X 10.3.6
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.3.3
Apple Mac OS X 10.3.2
Apple Mac OS X 10.3.1
Apple Mac OS X 10.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems

Recommended Actions

Apple has released security advisory APPLE-SA-2006-03-01 to address these issues.
Apple Mac OS X Server 10.3.9
Apple SecUpdSrvr2006-001Pan.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09858&cat= 1&platform=osx&method=sa/SecUpdSrvr2006-001Pan.dmg
Apple Mac OS X 10.3.9
Apple SecUpd2006-001Pan.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09857&cat= 1&platform=osx&method=sa/SecUpd2006-001Pan.dmg
Apple Mac OS X Server 10.4.5
Apple SecUpd2006-001Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09822&cat= 1&platform=osx&method=sa/SecUpd2006-001Intel.dmg
Apple SecUpd2006-001Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09818&cat= 1&platform=osx&method=sa/SecUpd2006-001Ti.dmg
Apple Mac OS X 10.4.5
Apple SecUpd2006-001Intel.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09822&cat= 1&platform=osx&method=sa/SecUpd2006-001Intel.dmg
Apple SecUpd2006-001Ti.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09818&cat= 1&platform=osx&method=sa/SecUpd2006-001Ti.dmg

CVE References

CVE-2006-0395