Apple pushed out an update late Monday to its iLife suite of multimedia software programs.
iLife Support version 8.3.1 corrects three vulnerabilities that could be exploited to crash an application or execute remote code, Apple said in an advisory.
The three flaws involve memory access or memory corruption issues. In two of the cases, viewing a specially crafted TIFF file could permit an attack, while the third is exploitable when a user views a malicious JPEG image.
iLife applications include iPhoto, iMovie, iDVD, GarageBand and iWeb. Each of these programs allow users to create multimedia files.
iLife Support supports system software components shared by all iLife applications, according to Apple.
See original article on SC Magazine US
Apple distributes fixes for iLife
By Dan Kaplan on Nov 12, 2008 11:09AM