Apple Computer has patched a variety of Java-based security holes in Mac OS X that attackers could exploit to boost user privileges, tamper with existing files or create malicious ones. They also could intercept the traffic flow to Java applications.
Danish vulnerability management firm Secunia labeled the flaws "moderately critical," saying in an advisory that they could be exploited by malicious local users "to manipulate certain data, disclose sensitive information and gain escalated privileges, and by malicious people to bypass certain security restrictions."
Specifically, the glitches are:
- An unspecified error in how temporary files are handled. Attackers could use this and a race condition flaw to cook up an exploit to corrupt existing files or create new files with malicious code.
- An error where temporary files are created insecurely. Attackers could exploit this to corrupt existing files or create new files with malicious code.
- An unspecified error in the utility used to update Java shared archives, which local attackers could exploit to enhance their user privileges.
- An unspecified error in how specific Mac OS X extensions are used. Attackers could use malicious applets to enhance their user privileges.
- A flaw in which a Java ServerSocket object can be created for a port that's already in use. Attackers could exploit this to intercept traffic sent to a Java application already listening on that port.
Only the first flaw affects Mac OS X versions prior to 10.4, Secunia said.
This is the second time in as many months that Apple has had to contend with multiple vulnerabilities in the operating system. Last month, the Cupertino, Calif.-based company had to pull a batch of security fixes after thousands of customers complained the patches broke 64-bit applications.
Only a few of the 44 fixes involved were for critical vulnerabilities. The patches impacted Mac OS 10.3.9 and 10.4.2 software, and critical flaws involved AppKit, which opens rich-text files and Word documents, and the Web browser Safari. Other applications in need of a fix at the time included Apple's Sever Manager D and Apache 2, among others.