Core Security has relased information about a serious security vulnerability in Apple’s Mac OS X 10.5, that could allow hackers to take complete control of a vulnerable machine via malicious PDF files.
“In an advisory, Core Security said Apple claims it already has a patch prepared for this issue but failed to release the fix despite several promises. Apple didn’t give any reasons for skipping the patch release,” said Core.
Here’s the problem:
Apple Type Services is prone to memory corruption due a sign mismatch vulnerability when handling the last offset value of CharStrings INDEX structure.
This vulnerability could be used by a remote attacker to execute arbitrary code, by enticing user of Mac OS X v10.5.x to view or download a PDF document containing a embedded malicious CFF font (Compact Font Format.
This vulnerability is a variation of the vulnerability labeled as CVE-2010-1797 (FreeType JailbreakMe iPhone exploit variation).
Core encourages Apple users to upgrade to Apple Mac OSX 10.6, which isn’t affected by this vulnerability.