ITSS-Advisory : Medium : Apple : OS X : Various potential remote code execution

THREAT LEVEL
============
Medium

INFORMATION
===========
Product: Mac OS X prior to v10.5.8
Publisher: Apple
Impact/Access: Root Compromise -- Existing Account
Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Provide Misleading Information -- Remote with User Interaction
Unauthorised Access -- Remote with User Interaction
Reduced Security -- Remote with User Interaction

AFFECTED PLATFORMS
==================
Operating System: Mac OS X

ACTION
======
Resolution: Patch/Upgrade

Original Bulletin:
http://support.apple.com/kb/HT3757

Security Update 2009-003 / Mac OS X v10.5.8 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2009-003 or Mac OS X v10.5.8.

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

Administrators of affected computer systems are advised to review the
bulletins, test and apply relevant mitigation strategies and updates.

References:
http://support.apple.com/kb/HT3757
http://www.apple.com/support/downloads/
http://support.apple.com/kb/HT1222