MOAB-19-01-2007: Transmit.app ftps:// URL Handler Heap Buffer Overflow

Transmit does not allocate enough space when dealing with the string passed on via the ftps:// URL handler, leading to an exploitable heap-based buffer overflow condition.

For further information:

• Transmit.app ftps:// URL Handler Heap Buffer Overflow
• Proof of concept: MOAB-19-01-2007.html

We are releasing miscellaneous issues in order to have a slot full of interesting releases for this next week, that need to be properly worked on. To all of those asking 'Is that an Apple bug?' , please refer to the FAQ:

1. Are Apple products the only one target of this initiative?

Not at all, but they are the main focus. We'll be looking over popular OS X applications as well.