Apple’s October Update Plugs Holes in XML, PHP, PDF
OS X Security Update Fixes 40 Flaws
Severity: High
9 October, 2008
Summary:
§These vulnerabilities affect: OS X 10.4.x (Tiger) and OS X 10.5.x (Leopard), both client and server versions
§How an attacker exploits them: Multiple vectors of attack, including enticing one of your users into visiting a malicious web site, downloading a malicious document, or subscribing to a malicious RSS feed
§Impact: Various results; in the worst case, attacker executes code on your user’s computer, potentially gaining full control of it
§What to do: OS X administrators should download, test and install Security Update 2008-007