Here are some of the most significant bugs from the past week in the BugBlog:
There is a buffer overflow in the Opera 8.54 web browser that may allow an attacker to run their code on your system via a JPEG image. This has been reported by Secunia, who credits Vigilant Minds for finding the bug. As a fix, upgrade to the newly released Opera 9.0.
A bug in the way that Apple iTunes 6.0.4 and earlier parses AAC files may allow an attacker to construct an .M4A or .M4P file that triggers a integer overflow error. This will corrupt memory, and may allow the attacker to run their own code on the computer. This has been fixed in iTunes 6.0.5 for both Windows and Mac OS X computers. Apple credits ATmaCA, TippingPoint, and the Zero Day Initiative for finding this bug. Get the update at Apple's support page.
If you are having problems in synchronizing between your Mac OS X computer and a Motorola cell phone using iSync and Bluetooth, get the Mac OS X 10.4.7 update. Apple says this update gives much better support for the Motorola phones.Powered by Sidelines