Apple patches pair of Xcode Tools flaws

Apple patched two issues in Xcode Tools 2.5 on Tuesday, including one flaw that could allow remote code execution.

A newly patched buffer overflow flaw exists in the gdb application's handling of Tektronix Hex (TekHex) Format files. The bug could be exploited by an attacker to run arbitrary code if a user is enticed to run gdb's restore command on a maliciously crafted TekHex file, according to an advisory released Tuesday by Apple.

The update fixes the issue by performing additional validation of TekHex records.

The patch release also fixes a flaw in Xcode Tools' WebObjects that an unprivileged user could exploit to obtain system privileges.

The flaw exists in the demo version of OpenBase contained in Xcode WebObjects, which is disabled to fix the issue.

Apple credited researcher Kevin Finisterre of Netragard for reporting both issues.

See original article on SC Magazine US

WA makes its chief data officer permanent

Samsung tried to fix triple zero problem with mobiles nearly five years ago

Cochlear plugs AI into its global contact centre operations

Seqwater seeking asset planning tool to overcome "functional limitations"

Australia says the world will follow its social media ban

Apple patches pair of Xcode Tools flaws

Apple patched two issues in Xcode Tools 2.5 on Tuesday, including one flaw that could allow remote code execution.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

WA man jailed for at least five years for evil twin attack

Home Affairs to unleash AI on sensitive government data

Watt flags more fed insourcing after BoM website outrage

ASX outage caused by security software upgrade

Most popular tech stories

CBA finds its first chief AI officer

Virgin Australia, Wesfarmers strike OpenAI agreements

QBE backs leadership and startup culture to deliver transformation

News Corp Australia taps IAG digital exec as next CDTO

Chemist Warehouse's AI tool for HR becoming a "standard pattern"

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Govt launches consumer tech label program for smart devices

'Touch-free' smartphone controlled with head movements

Perth IoT vendor Digital Matter names new chief executive

Axis Communications opens experience centre in Sydney tech hub

WA makes its chief data officer permanent

Samsung tried to fix triple zero problem with mobiles nearly five years ago

Cochlear plugs AI into its global contact centre operations

Seqwater seeking asset planning tool to overcome "functional limitations"

Australia says the world will follow its social media ban

Apple patches pair of Xcode Tools flaws

Apple patched two issues in Xcode Tools 2.5 on Tuesday, including one flaw that could allow remote code execution.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

WA man jailed for at least five years for evil twin attack

Home Affairs to unleash AI on sensitive government data

Watt flags more fed insourcing after BoM website outrage

ASX outage caused by security software upgrade

Most popular tech stories

CBA finds its first chief AI officer

Virgin Australia, Wesfarmers strike OpenAI agreements

QBE backs leadership and startup culture to deliver transformation

News Corp Australia taps IAG digital exec as next CDTO

Chemist Warehouse's AI tool for HR becoming a "standard pattern"

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Govt launches consumer tech label program for smart devices

'Touch-free' smartphone controlled with head movements

Perth IoT vendor Digital Matter names new chief executive

Axis Communications opens experience centre in Sydney tech hub

Log In