Apple has released the Security Update 2010-005 for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.4, Mac OS X Server v10.6.4. This update improves the security of Mac OS X. ATS, CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, Samba components are mentioned. Of interest is the the description of CoreGraphics:
<blockquote>A heap buffer overflow exists in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Rodrigo Rubira Branco from the Check Point Vulnerability Discovery Team (VDT) for reporting this issue.</blockquote>
For details about this security update, please refer to About Security Update 2010-005 page.
Security Update 2010-005 can be downloaded from Apple Software Update under Apple menu or from Apple's Support Download site.
UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
