[driftdiver]

Here’s another

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=730

Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability

Remote exploitation of an integer overflow vulnerability in Apple Inc.’s Mac OS X could allow an attacker to execute arbitrary code with the privileges of the currently logged in user.

oh and another
http://www.cbc.ca/technology/story/2009/04/15/ibotnet-trojan.html

Cybercriminals create botnet using Mac computers

and another

http://www.macnn.com/articles/09/02/20/inherent.mac.vulnerability/

“A skilled hacker could use the knowledge to insert malicious code into the same space as an active process, like Safari, and force a Mac to run malware.”

[Star Traveler]

You know... I always knew the Macintosh computer was about the safest computer around for catching any viruses — but — what I did not know, until right now — is hard hard it is to actually go out and “get a virus” — even if you’re trying to... LOL...

[Swordmaker]

Cybercriminals create botnet using Mac computers

Very strange thing about that Mac botnet, Driftdiver. Nobody has EVER found an infected Mac member of it in the wild! Not even Symantec. . . who subsequently FIRED the two characters who published the article claiming it's discovery in the Virus Bulletin! To this day Symantec reports the virulence of the supposed Trojan that spread the Bot, which was included in a BitTorrent copy of the Trial version of iWork'09 that the torrent sites themselves listed as having only been download fewer than two dozen times before the infection was discovered, as "zero to 49"!!! Despite those bozos claim the bot was "20,000 Macs" large in their artcle. Not one. None. Zip. Nada.

[Swordmaker]

“A skilled hacker could use the knowledge to insert malicious code into the same space as an active process, like Safari, and force a Mac to run malware.”

And that one is like why the recipe for elephant stew is so hard to make. It's the first instruction. First you have to kill the elephant.

For that exploit to work, if you read the hackers paper, which I did, the hacker Awouls have had to have root access to the Mac to insert the code. First you have to kill the elephant. Once you've done that, the stew is easy.

[Swordmaker]

Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability

Remote exploitation of an integer overflow vulnerability in Apple Inc.’s Mac OS X could allow an attacker to execute arbitrary code with the privileges of the currently logged in user.

BZZZZZT !!!! Wrong!

This what comes of having Windows centric security people write these vulnerability warnings. IDefense goes on to say:

This vulnerability exists due to the way PDF files containing Type 1 fonts are handled. When processing a font with an overly large length, integer overflow could occur. This issue leads to heap corruption which can allow for arbitrary code execution.

Except for one little problem with their Windows' centric thinking: the data heaps on Macs are non-executable. Arbitrary code cannot run in the heap on a Mac.