over half
an hour.
Initial testing reveals the following:
In Apple Mail, the e-mail is rendered correctly in the preview pane
but a subsequent click on a different e-mail causes the application to
hang.
***Credits***
David Wharton
***References***
Apple Mail
http://www.apple.com/ma
does not
restart.
This exploits a previously undisclosed vulnerability.
-David Wharton
---
#!/usr/bin/perl
# crash the iPhoto DPAP (Digital Photo Access Protocol) Server on
iPhoto 4.0.3
# technically the server exits cleanly but it does not restart
use IO::Socket::INET;
die "Usage
abilities are not vulnerable to local file
includes.
These vulnerabilities have been disclosed to the vendor although
development on this software has stopped.
Sources:
http://mindmeld.sourceforge.net/
Quick Fix:
In php.ini, disable the following variables: register_globals,
allow_url_fopen, an
Version 1.0
October 1996
CERT(R) Coordination Center
Product Vulnerability Reporting Form
CONTACT INFORMATION
===
Name : David Wharton
E-mail