Researchers at CoreLabs have issued a security warning for OS X 10.5 Leopard detailing a vulnerability that could allow hackers to execute malicious code on your Mac through a PDF file.
3. Vulnerability Description
The Apple Type Services is prone to memory corruption due to a sign mismatch vulnerability when handling the last offset value of the CharStrings INDEX structure.
This vulnerability could be used by a remote attacker to execute arbitrary code, by enticing the user of Mac OS X v10.5.x to view or download a PDF document containing an embedded malicious CFF font (Compact Font Format).
This vulnerability is a variation of the vulnerability labeled as CVE-2010-1797 (FreeType JailbreakMe iPhone exploit variation).
If you will recall, the JailbreakMe site utilizes this vulnerability to allow users to jailbreak their iPhones by simply visiting a URL and swiping a slider.
CoreLabs issued this security warning publicly, after giving Apple ample warning about the flaw. It seems that Apple has a fix for it already, but has yet to release a Security Update that would resolve the issue. Hopefully the patch will come soon, although it’s clear that OS X 10.5 Leopard is on its last legs. Still, for the many users of older machines, OS X 10.5 Leopard is the only option, especially if running on PowerPC chips like the G5. In the meantime, users should be advised to be careful about opening or downloading PDF files from unknown sources, and be aware that their machines could be open to malware or malicious attacks.
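To make the "sign mismatch on the last offset" concrete, here is an added example (not code from Apple, CoreLabs or the advisory) of a defensive validator for a CFF INDEX structure that reads every offset as unsigned and bounds the last one against the bytes actually present. The INDEX layout (16-bit count, 1-byte offSize, count+1 offsets, then data) follows the public CFF specification; the function names, the sample bytes and the `signed_check_accepts` helper, which only illustrates how a generic signed comparison goes wrong, are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Read a big-endian offset of off_size bytes (1..4) as an unsigned value. */
static uint32_t read_offset(const uint8_t *p, unsigned off_size) {
    uint32_t v = 0;
    for (unsigned i = 0; i < off_size; i++)
        v = (v << 8) | p[i];
    return v;
}

/* Validate a CFF INDEX at buf[0..len). Returns 0 and sets *data_len to the
 * object data size on success, -1 if the structure is malformed. */
int cff_index_validate(const uint8_t *buf, size_t len, size_t *data_len) {
    if (len < 2) return -1;
    uint32_t count = ((uint32_t)buf[0] << 8) | buf[1];
    if (count == 0) { *data_len = 0; return 0; }  /* empty INDEX: count only */
    if (len < 3) return -1;
    unsigned off_size = buf[2];
    if (off_size < 1 || off_size > 4) return -1;

    size_t array_len = ((size_t)count + 1) * off_size;  /* at most 65536 * 4 */
    if (len - 3 < array_len) return -1;
    const uint8_t *offsets = buf + 3;
    size_t avail = len - 3 - array_len;    /* bytes left for object data */

    uint32_t prev = read_offset(offsets, off_size);
    if (prev != 1) return -1;              /* first offset is always 1 */
    for (uint32_t i = 1; i <= count; i++) {
        uint32_t cur = read_offset(offsets + (size_t)i * off_size, off_size);
        if (cur < prev) return -1;         /* offsets must not decrease */
        prev = cur;
    }
    /* prev is now the last offset. The comparison is unsigned, so a value of
     * 0x80000000 or above cannot become negative and slip under the bound. */
    if ((size_t)(prev - 1) > avail) return -1;
    *data_len = prev - 1;
    return 0;
}

/* Constructed sample inputs (not taken from any real font). */
static const uint8_t good_index[] = {0x00,0x02, 0x01, 0x01,0x03,0x06, 'a','b','c','d','e'};
static const uint8_t bad_index[]  = {0x00,0x01, 0x04, 0x00,0x00,0x00,0x01,
                                     0xFF,0xFF,0xFF,0xF0, 'x'};

/* Hypothetical signed bound check, shown only to illustrate the bug class. */
int signed_check_accepts(uint32_t last, size_t avail) {
    return (int32_t)last - 1 <= (int32_t)avail;
}
```

The unsigned validator rejects `bad_index`, while the signed comparison would accept the same last offset because it is interpreted as a negative number.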