Here is a collection of recent security vulnerabilities and alerts. It covers a local privilege escalation in Symantec AntiVirus for Macintosh, vulnerabilities discovered in ACDSee, and a buffer overflow in the IMail Client that ships with the IPSwitch IMail Server for Windows.
- Local escalation of privilege vulnerability in Symantec Antivirus for Mac
A feature of both Norton AntiVirus and Symantec AntiVirus for Macintosh can be used by any member of the group admin to execute code as the root user (uid 0) on the local system.
An executable used by the Mount Scan feature of Symantec AntiVirus for Macintosh and Norton AntiVirus for Macintosh runs with root privileges. Because a member of group admin can overwrite that executable, they can replace it with code of their choice and have it run as root the next time the feature launches it. Note that on Mac OS X the account created during initial setup is an administrator and therefore a member of group admin, so this is not an obscure group. The attack is local only: it is a privilege escalation, not remote code execution.
Symantec gives two mitigations; one of them is to disable “Show Progress During Mount Scans” in the Mount Scan tab of the Auto-Protect pane in System Preferences.
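The underlying check a practitioner would want here is whether a program that runs as root can be swapped out by a non-root user. The following is an added example, not Symantec's code: it reports a file as replaceable if the file itself is group- or world-writable, or if its parent directory is group- or world-writable without the sticky bit (in which case any group member can rename a trojan over a 0755 file). The temp files it builds for its self-test and the placeholder paths are constructed for the example; they are not the real Symantec paths.

```c
/* Added example, not Symantec's code: audit whether a binary that will be run
 * as root can be swapped out by a non-root user, the failure mode described
 * above (a root-executed helper writable by group admin). Two conditions make
 * a file replaceable:
 *   - the file itself is group- or world-writable, or
 *   - its parent directory is group- or world-writable and not sticky, so a
 *     group member can unlink/rename a trojan over it even if the file is 0755.
 * Paths passed on the command line are whatever the operator wants audited;
 * the self-test below uses constructed temp files, not Symantec's. */
#define _XOPEN_SOURCE 700
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define FILE_WRITABLE 1  /* file mode grants group/other write */
#define DIR_WRITABLE  2  /* parent dir grants group/other write, no sticky bit */

/* Returns a bitmask of FILE_WRITABLE | DIR_WRITABLE, 0 if the binary looks
 * safe from non-owner replacement, or -1 if the path cannot be stat()ed. */
int replaceable_by_nonroot(const char *path)
{
    struct stat st, dst;
    int flags = 0;

    if (stat(path, &st) != 0)
        return -1;
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        flags |= FILE_WRITABLE;

    /* dirname() may modify its argument, so work on a copy. */
    char *copy = strdup(path);
    if (copy == NULL)
        return -1;
    if (stat(dirname(copy), &dst) == 0 &&
        (dst.st_mode & (S_IWGRP | S_IWOTH)) && !(dst.st_mode & S_ISVTX))
        flags |= DIR_WRITABLE;
    free(copy);
    return flags;
}

/* Constructed self-test: a private 0700 directory holding a 0755 helper and a
 * 0775 (group-writable) helper. Returns 1 if the 0775 one is flagged with
 * FILE_WRITABLE and the 0755 one is reported clean, 0 otherwise. */
int demo_flags_group_writable_helper(void)
{
    char dir[] = "/tmp/mountscan-demo-XXXXXX";
    if (mkdtemp(dir) == NULL)
        return 0;

    char safe[64], weak[64];
    snprintf(safe, sizeof safe, "%s/safe", dir);
    snprintf(weak, sizeof weak, "%s/weak", dir);

    int ok = 0;
    FILE *fs = fopen(safe, "w");
    FILE *fw = fopen(weak, "w");
    if (fs != NULL && fw != NULL) {
        fputs("#!/bin/sh\necho scanning\n", fs);
        fputs("#!/bin/sh\necho scanning\n", fw);
    }
    if (fs != NULL) fclose(fs);
    if (fw != NULL) fclose(fw);
    if (chmod(safe, 0755) == 0 && chmod(weak, 0775) == 0)
        ok = replaceable_by_nonroot(safe) == 0 &&
             replaceable_by_nonroot(weak) == FILE_WRITABLE;

    unlink(safe);
    unlink(weak);
    rmdir(dir);
    return ok;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        printf("self-test: %s\n", demo_flags_group_writable_helper() ? "ok" : "FAILED");
        return 0;
    }
    for (int i = 1; i < argc; i++) {
        int r = replaceable_by_nonroot(argv[i]);
        if (r < 0)
            printf("%s: cannot stat\n", argv[i]);
        else if (r == 0)
            printf("%s: ok\n", argv[i]);
        else
            printf("%s: REPLACEABLE (%s%s)\n", argv[i],
                   (r & FILE_WRITABLE) ? "file writable " : "",
                   (r & DIR_WRITABLE) ? "dir writable" : "");
    }
    return 0;
}
```

Run it with no arguments for the self-test, or pass the paths of any helpers that a root-owned daemon executes. The directory check matters as much as the file check: a 0755 binary inside a directory that group admin can write to is just as replaceable, and the fix in both cases is the same (chmod g-w,o-w on the file and its directory, owner root).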
- Vulnerabilities discovered in ACDSee
Secunia Research has discovered several vulnerabilities in ACDSee products that can be exploited to execute arbitrary code when a user opens a specially crafted image, whether it arrives as an e-mail attachment or is downloaded from a website.
According to the security advisory, ACDSee Photo Manager Version 9.0 Build 108, ACDSee Pro Photo Manager Version 8.1 Build 99 and ACDSee Photo Editor Version 4.0 Build 195 are affected.
Additional information from ACDSee as well as an update is available here.
- Vulnerability found in IPSwitch e-mail client
A vulnerability has been discovered in IMail Client 9.22 for Windows, which is bundled with IPSwitch IMail Server 2006. The vendor recommends deleting the client from the server; it will also be removed from future releases.
The flaw is a stack-based buffer overflow in the handling of multipart MIME messages. Secunia found that a boundary parameter longer than 212 bytes overflows a fixed-size buffer, so an attacker who sends a crafted e-mail can place code on the stack and have it executed with the privileges of the user running the client. The flaw was confirmed in version 9.22 of the client.
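To make the failure concrete, here is an added example that is not Ipswitch's code: the unbounded-copy pattern that produces this kind of overflow, beside a bounded parser for the boundary parameter. Only the 212-byte figure comes from the advisory; the 70-character limit is the one RFC 2046 imposes on boundaries, and the Content-Type header strings are constructed inputs for the example. The unsafe function is never called with oversized input here.

```c
/* Added example, not Ipswitch's code: the unbounded-copy pattern behind the
 * overflow described above, beside a bounded boundary parser. Only the
 * 212-byte figure comes from the advisory; the RFC 2046 limit of 70 is a
 * public spec value and the header strings below are constructed samples. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define BOUNDARY_MAX 70   /* RFC 2046 5.1.1: a boundary is 1 to 70 characters */
#define VULN_BUF     212  /* stand-in for the client's undersized stack buffer */

/* Case-insensitive search for name in s; returns a pointer just past it, or
 * NULL. Parameter names in Content-Type are case-insensitive, so "Boundary="
 * must match too. */
static const char *find_param(const char *s, const char *name)
{
    size_t n = strlen(name);
    for (; *s != '\0'; s++) {
        size_t i = 0;
        while (i < n && tolower((unsigned char)s[i]) == tolower((unsigned char)name[i]))
            i++;
        if (i == n)
            return s + n;
    }
    return NULL;
}

/* Vulnerable pattern (illustrative): attacker-controlled text copied into a
 * 212-byte stack buffer with no length check. A parameter of 213+ bytes runs
 * past buf into the saved frame and return address. Never call this with
 * untrusted input; it exists only to contrast with parse_boundary() below. */
int parse_boundary_unsafe(const char *content_type, char *out)
{
    char buf[VULN_BUF];
    const char *p = find_param(content_type, "boundary=");
    if (p == NULL)
        return -1;
    strcpy(buf, p);               /* the overflow */
    strcpy(out, buf);
    return (int)strlen(out);
}

/* Bounded parser: extracts the boundary parameter (quoted or bare) into out.
 * Rejects an empty value, one longer than BOUNDARY_MAX, one that would not fit
 * in out, or an unterminated quoted value. Returns the length, or -1. */
int parse_boundary(const char *content_type, char *out, size_t outsz)
{
    const char *p = find_param(content_type, "boundary=");
    if (p == NULL)
        return -1;
    int quoted = (*p == '"');
    if (quoted)
        p++;
    size_t n = 0;
    while (p[n] != '\0' && p[n] != '\r' && p[n] != '\n') {
        char c = p[n];
        if (quoted ? c == '"' : (c == ';' || isspace((unsigned char)c)))
            break;
        if (++n > BOUNDARY_MAX)   /* checked before anything is copied */
            return -1;
    }
    if (quoted && p[n] != '"')
        return -1;
    if (n == 0 || n >= outsz)
        return -1;
    memcpy(out, p, n);
    out[n] = '\0';
    return (int)n;
}

char scratch[128];   /* shared output buffer for the demos */

/* Feeds a constructed 300-byte boundary, past the 212 that overflowed the
 * client, to the bounded parser. Returns 1 if it is rejected, 0 otherwise. */
int demo_rejects_oversized_boundary(void)
{
    char hdr[400] = "multipart/mixed; boundary=";
    size_t len = strlen(hdr);
    memset(hdr + len, 'A', 300);
    hdr[len + 300] = '\0';
    return parse_boundary(hdr, scratch, sizeof scratch) == -1;
}

int main(void)
{
    int n = parse_boundary("multipart/mixed; boundary=\"simple boundary\"",
                           scratch, sizeof scratch);
    printf("parsed boundary '%s' (%d bytes); oversized rejected: %d\n",
           scratch, n, demo_rejects_oversized_boundary());
    return 0;
}
```

The point of the bounded version is that the length test runs before any byte is copied, and that it is tied to the protocol limit (70) rather than to whatever buffer size happened to be chosen. A parser that merely switched strcpy for strncpy with the buffer size would stop the overflow but could still hand the rest of the code an unterminated string.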