Rating it "Critical", Secunia has validated the exploit, originally posted by LMH via MoKB (Month of Kernel Bugs). "This issue is remotely exploitable as Safari loads DMG files from external sources (ex. visiting an URL). This can be prevented by changing the Preferences and deactivating the functionality for 'opening "safe" files after downloading'."
LMH has reported a vulnerability in Mac OS X, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in com.apple.AppleDiskImageController when handling corrupted DMG image structures. This can be exploited to cause a memory corruption and may allow execution of arbitrary code in kernel-mode.
The vulnerability is reported in a fully patched Mac OS X (2006-11-20). Other versions may also be affected.
News source: Secunia
News source: MoKB Submission
59 Comments - Add comment