The vulnerabilities of Apple, Microsoft, OpenOffice

The two vulnerabilities of Internet Explorer 6 were pointed out last week and there is evidence of these vulnerabilities, but Microsoft still has no answer on this issue.

The two vulnerabilities of Internet Explorer 6 were pointed out last week and there is evidence of these vulnerabilities, but Microsoft still has no answer on this issue.

Picture 1 of The vulnerabilities of Apple, Microsoft, OpenOffice
Apple has released updates for Mac OS X and iTunes to resolve this security vulnerability. OpenOffice and StarOffice, Microsoft Office products have also been exposed to security holes and new versions have been released to fix them.

Two Internet Explorer security holes were announced last week. Both vulnerabilities of Internet Explorer 6 (IE) are now fixed in Windows XP SP2 and not in IE 7. One of the bugs that was initially introduced also affected Firefox.

The first error, many of the most critical are allowing the .HTA application to be executed despite its potentially dangerous code. The user is deceived in double clicking on an icon. Then the file saved on the system can be accessed via SMB or WebDAV.

The second error was to allow remote attackers to retrieve content from the Web in its own browser through abuse of the object.documentElement.outerHTML attribute. The higher this vulnerability is, the less security it is.

Last week, Apple released an updated version of Mac OS X and version 6.0.5 of iTunes. Both updates also focus on security issues.

The problems that Mac OS X has been fixed in 10.4.7 include:

  • A mistake in AFP (Appleshare File Protocol) server from version 10.4 to 10.4.6 is to allow search results to show files and folders that are not in the part of the user who wants to search. This is unacceptable because users have access to unnecessary search items.
  • ClamAV (a virus scanner) is available in Mac OS X Server versions from 10.4 to 10.6.6, when setting up automatic updates, it is possible to arbitrarily execute codes due to buffer overflows when updating. A recent version of ClamAV (0.88.2) was released to fix these issues. If you have not updated the fix, please stop the default update mode set up in your computer.
  • Observing a TIFF file in the ImageIO application of versions 10.4 to 10.4.6 OS X Server may cause an arbitrary conflict or code execution.
  • A string format error in version 10.4 to 10.4.6 of the OS X launch program allows a stranger to have the same privileges as an authorized user.
  • Service limitations may result in OpenLDAP server of version 10.4 to 10.4.6 of OS X Server with an invalid LDAP request.

Apple has released security fixes for Mac OS X 10.2.8 or lower versions and also for Windows XP / 2000 operating systems on its website ( www.apple.com ).

OpenOffice and StarOffice may be vulnerable to buffer overflows, which could allow attackers to increase the ability to control the content of users running their programs.

OpenOffice.org 1.1.x and OpenOffice.org 2.0.x are affected. Sun has said that StarOffice 7 Office Suite, StarOffice 6.0 Office Suite and StarOffice 8 Office Suite have vulnerabilities. New versions and plugins have been designed by experts to fix their bugs.

Pham Van Linh
Email: vanlinh@quantrimang.com

Update 12 December 2018
« PREV
NEXT »
Category

Technology

Life

Discover science

Medicine - Health

Event

Entertainment