Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Security

Submission + - Apple Mail in Leopard vulnerable again (heise-security.co.uk)

juct writes: "In March 2006 Apple defused a security problem in Apple Mail that made it possible to inject disguised malignant code. In Leopard, the patch was apparently forgotten. This means that you can inadvertently start an executable by double-clicking a mail attachment that looks like a JPEG image file. This works with special attachmnets of the MIME type AppleDouble, that carry information which application should be used to open a file. In Tiger you got a warning about a program being opened, Leopard silently executes a shell script with Terminal.app. heise Security provides a demo, where you can check for yourself."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Apple Mail in Leopard vulnerable again

Comments Filter:

Uncertain fortune is thoroughly mastered by the equity of the calculation. - Blaise Pascal

Working...