Mac OS X fails to properly handle corrupted UDTO HFS+ image structures (ex. bad sectors), leading to an exploitable denial of service condition. Although it hasn't been checked further, memory corruption is present under certain conditions (in this particular case, unlikely to allow arbitrary code execution).
- More details and debugging information
- Proof of concept: MOKB-21-11-2006.dmg.bz2 and for Safari users: MOKB-21-11-2006.dmg
