Thursday, March 21, 2013
Apple has released an update that covers the vulnerability in the operating systems
Among the closed holes: two vulnerabilities Wiki Server, allowing remote code execution. A vulnerability in the Profile Manager, one in the Podcast Producer server and one in PDFKit.
Were closed vulnerabilities that allow attackers, under certain conditions, arbitrary code execution by exploiting a vulnerability in the ImageIO, with a malicious TIFF file or a memory corruption problem in IOAcceleratorFamily.
Other vulnerabilities addressed by updating 2013-001: canonicalization in Apache, cross-site scripting (XSS-vulnerability) in International Components for Unicode (ICU) and a hole in the kernel, which is a source of information leakage.
According to reports, for the information about the vulnerabilities, Apple has issued a number of third-party compensation experts, in particular, Clint Ruoho of Laconic Security, Masato Kinugawa, Mark Dowd of Azimuth Security, Eric Monti from Square, Aaron Sigel with vtty.com, Tobias Klein, Kevin Szkudlapski of QuarksLab and Emilio Escobar.