Zero Day Initiative Advisory 11-074 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader on Mac OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the U3D component distributed with the Reader.
>> CATEGORY: OSX security tools
Zero Day Initiative Advisory 11-038 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime.
Zero Day Initiative Advisory 11-038 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Whitepaper called The Apple Sandbox. It discuss the access control system in OS X and iOS operating systems.
SplashID version 5.5 for iPhone and SplashID Lite version 4.6 for iPhone suffer from a password caching issue that allows for the unlock of a database.
Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic.
ZORG is an open source implementation of the ZRTP protocol implementation. ZRTP provides end-to-end key exchange with Elliptic Curve Diffie-Hellmann 384bit and AES-256 SRTP encryption.
NetSupport Manager Agent suffers from a stack-based buffer overflow vulnerability.
Secunia Security Advisory – A vulnerability has been reported in Mac OS X, which can be exploited by malicious people to potentially compromise a vulnerable system.
Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple Airport Extreme and Time Capsule, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).