Monday, November 20, 2006
MOKB-20-11-2006: Mac OS X Apple UDIF Disk Image Kernel Memory Corruption (1)
Mac OS X com.apple.AppleDiskImageController fails to properly handle corrupted DMG image structures, leading to an exploitable memory corruption condition with potential kernel-mode arbitrary code execution by unprivileged users.
- More details and debugging information
- Proof of concept: MOKB-20-11-2006 .dmg.bz2 (needs decompressing), MOKB-20.dmg (direct link for proud Safari users).