Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to execute arbitrary commands, cause a denial of service, disclose sensitive information, or bypass security restrictions.
These issues are due to errors in ColorSync, CoreGraphics, Crash Reporter, CUPS, Disk Images, DS Plug-Ins, Flash Player, GNU Tar, HFS, HID Family, ImageIO, Kernel, MySQL Server, Networking, OpenSSH, Printing, QuickDraw Manager, servermgrd, SMB File Server, Software Update, sudo and WebLog.
For additional information, see : FrSIRT/ADV-2007-0074 - FrSIRT/ADV-2006-4629 - FrSIRT/ADV-2007-0141 - FrSIRT/ADV-2007-0171 - FrSIRT/ADV-2006-4448 - FrSIRT/ADV-2006-4714 - FrSIRT/ADV-2006-4762 - FrSIRT/ADV-2006-4746 - FrSIRT/ADV-2007-0191 - FrSIRT/ADV-2007-0337 - FrSIRT/ADV-2006-4094 - FrSIRT/ADV-2006-0684 - FrSIRT/ADV-2006-4717 - FrSIRT/ADV-2006-1633 - FrSIRT/ADV-2006-2105 - FrSIRT/ADV-2006-3079 - FrSIRT/ADV-2006-3306 - FrSIRT/ADV-2006-0306 - FrSIRT/ADV-2006-3777 - FrSIRT/ADV-2006-3633
Affected Products
Apple Mac OS X version 10.3.9 and prior
Apple Mac OS X Server version 10.3.9 and prior
Apple Mac OS X version 10.4.8 and prior
Apple Mac OS X Server version 10.4.8 and prior
Solution
Apply updates :
http://www.apple.com/support/downloads/