MOAB-30-01-2007: Multiple Apple Software Format String Vulnerabilities

Multiple developers of Apple based software including Apples own developers seem to have a misunderstanding of how to properly use NSBeginAlertSheet, NSBeginCriticalAlertSheet, NSBeginInformationalAlertSheet, NSGetAlertPanel, NSGetCriticalAlertPanel, NSGetInformationalAlertPanel, NSReleaseAlertPanel, NSRunAlertPanel, NSRunCriticalAlertPanel, NSRunInformationalAlertPanel, and NSLog.

Further information:

• Multiple Apple Software Format String Vulnerabilities
• Application Kit Functions Reference

MOAB-04-01-2007: iLife iPhoto Photocast XML title Format String Vulnerability

A format string vulnerability in the handling of iPhoto XML feeds title field allows potential remote arbitrary code execution.

For further information:

• MOAB-04-01-2007
• And proof of concept: MOAB-04-01-2007.rb