This is Aladdin's response to the Stuffit Expander security vulnerability mentioned on this mailing list:
"Essentially the issue is that someone could theoretically craft a .zip archive which contained an illegally long file name. When affected utilities attempt to expand this archive a buffer overrun could potentially allow arbitrary code to be executed. Such an archive would basically be a 'trojan horse.'

"To date there have been no such archives detected (or created by ourselves, Apple, or CERT) and there are significant technical barriers to doing so. Even then such an archive would have to be crafted to individually exploit a particular decompression utility running on a specific OS. While we see this as a very small risk, we are concerned about creating the most secure software possible and recommend that users download and use the latest version of StuffIt Expander 7.0, which is not vulnerable, to reduce the potential risk even further."

Emphasis is mine. Just wanted to pass this along so everyone could make an informed decision as to whether or not to upgrade.

Jesse
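The mechanism Aladdin describes is a decompressor trusting the file-name length field in a zip entry's local file header and copying the name into a fixed-size buffer. The following is an added illustration, not code from the post, from Aladdin, or from StuffIt Expander: it builds a few constructed zip local headers and parses them with the two bounds checks a defensive expander needs, first that the declared name and extra fields actually lie within the input, then that the name fits the destination buffer. The 255-byte limit `MAX_NAME_LEN` is an assumed policy value chosen for the example.

```python
import struct

# Layout of a zip local file header (PKWARE APPNOTE), little-endian:
# signature, version, flags, method, mod time, mod date, crc32,
# compressed size, uncompressed size, file-name length, extra-field length.
LOCAL_FILE_HEADER_SIG = 0x04034B50
LOCAL_FILE_HEADER_FMT = "<IHHHHHIIIHH"
LOCAL_FILE_HEADER_LEN = struct.calcsize(LOCAL_FILE_HEADER_FMT)  # 30 bytes

# Assumed policy limit for this example: the size of the fixed name buffer
# a decompressor might use. Real tools choose their own bound.
MAX_NAME_LEN = 255


def build_local_header(name: bytes, data: bytes = b"") -> bytes:
    """Construct a minimal 'stored' (method 0) entry for testing purposes only.
    CRC is left at zero because only the header fields matter here."""
    header = struct.pack(
        LOCAL_FILE_HEADER_FMT,
        LOCAL_FILE_HEADER_SIG,
        10,          # version needed to extract
        0,           # general-purpose flags
        0,           # compression method: stored
        0, 0,        # mod time, mod date
        0,           # crc32 (not computed for this example)
        len(data),   # compressed size
        len(data),   # uncompressed size
        len(name),   # file-name length: the field a buggy expander trusts blindly
        0,           # extra-field length
    )
    return header + name + data


def parse_local_header(buf: bytes, max_name_len: int = MAX_NAME_LEN) -> dict:
    """Parse one local file header, refusing anything whose declared lengths
    are inconsistent with the input or exceed the name buffer size."""
    if len(buf) < LOCAL_FILE_HEADER_LEN:
        raise ValueError("truncated local file header")
    (sig, _ver, _flags, method, _mtime, _mdate, _crc,
     csize, usize, name_len, extra_len) = struct.unpack_from(LOCAL_FILE_HEADER_FMT, buf, 0)
    if sig != LOCAL_FILE_HEADER_SIG:
        raise ValueError("bad local file header signature")
    # Check 1: the declared variable-length fields must lie inside the input.
    if LOCAL_FILE_HEADER_LEN + name_len + extra_len > len(buf):
        raise ValueError("name/extra fields run past end of input")
    # Check 2: the name must fit the destination buffer before any copy happens.
    if name_len > max_name_len:
        raise ValueError(f"file name length {name_len} exceeds limit {max_name_len}")
    name = buf[LOCAL_FILE_HEADER_LEN:LOCAL_FILE_HEADER_LEN + name_len]
    return {
        "name": name,
        "method": method,
        "compressed_size": csize,
        "uncompressed_size": usize,
        "name_len": name_len,
    }


def classify_archive(buf: bytes) -> str:
    """Summarise whether an entry would be accepted or rejected, and why."""
    try:
        entry = parse_local_header(buf)
    except ValueError as exc:
        return f"rejected: {exc}"
    return f"ok: {entry['name'].decode('ascii', 'replace')}"


# Constructed sample inputs (not real archives from the wild).
SAFE_ARCHIVE = build_local_header(b"readme.txt", b"hello")
OVERLONG_ARCHIVE = build_local_header(b"A" * 1000)             # name far beyond the buffer size
TRUNCATED_ARCHIVE = build_local_header(b"readme.txt")[:-4]      # header promises more name bytes than exist

if __name__ == "__main__":
    for label, sample in [("safe", SAFE_ARCHIVE),
                          ("overlong name", OVERLONG_ARCHIVE),
                          ("truncated", TRUNCATED_ARCHIVE)]:
        print(f"{label:14s} -> {classify_archive(sample)}")
```

The order of the checks matters: the first one keeps the parser itself from reading past the input, the second one is the check whose absence produces the overrun Aladdin describes, since a name length of 1000 is perfectly consistent with the archive but not with a 255-byte name buffer.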
