Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2013.1826 Motion 5.1 20 December 2013 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Motion Publisher: Apple Operating System: OS X Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2013-6114 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-12-19-1 Motion 5.1 Motion 5.1 is now available and addresses the following: Motion Available for: OS X Mavericks v10.9 or later Impact: A maliciously crafted .motn file could lead to arbitrary code execution Description: An integer overflow existed in the handling of .motn files which led to an out of bounds memory access. This issue was addressed through improved bounds checking. CVE-ID CVE-2013-6114 : Jean Pascal Pereira Motion 5.1 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJSssLjAAoJEPefwLHPlZEwDwwQAJ5cXQe9I7In8kPrE27xB10/ ejogkZa8FAzS9mwcuvszAxITy35e0JKe+ou65+y1F+Rv+CT9VVzzIlEP7dGr5AUa r88ok05hzQbUsFRdCa/WIE2ERUVDl0aF1T696RQj4Ulxv0nMB7L54QjW1QixH3Sj ubU6X47SdqtVopYz0ca7MPh9O92UNZNwT44dQZco03FqzAdremWNyo/E5GYCqN4d H2BUIbKOrahhfSF8x+Xtl0xaGFbNTZBY9Y2258tisDyvuvVbFGdHKbLT/n1FSUNu CYzsxiCx+cXPEgxR+CeNNvPcva8Lr3uMZginGdOVkkJFD5MWahUv3DuiHgjrmVZv 4MB/cP2tQwfTznbZYf+k3SLUt0dM/WLbE5eV6FGuDeNe7w5z1UHGTcYfCVK5yKe3 /c0NaGtpgMOaaq/UmF41U9/R2wqLUXu0nsoscG9HG10yXGsL/8/Jzfm/CQ5Nr6t5 YpjwCZU3AO/ZhQWbD5PrBMsvcCllXO/aOSSq6z2OCTDHNnotbktQZ9a+7wikC+O3 8u0/Nvwp0K+nzCRa4AMUkZzC1GoQZ6UytU8S26ifWnyXyqs4lNGSX7rmd7hwJcVA QY8k/7Zjj66Uraafolb83nXO6TL/kf1clomHFILTXEwyQUI5hmKiwpKFijAPT0ju ZunhUVBiBiHHSjEFp+p2 =00oP - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUrOaixLndAQH1ShLAQLbtA//cxSWrkjag9914tKB98S7d1hw7lNQzjgx S+m0aT1zlubpPVPXXxqbfXY34tUhDQCkpHqeUm3/naLhSF/8hH4x5wFHqHrrRUuz 0vH7oahlJtZeBNnEQYi3DKFNkSuCSGmUAVNqaEQgHdYViPtmteB8XhaJqdCeODfg DT4h9/+ZnjKddcRAzI1v4GP3LG5/M4EdXtzudD0J+SD3g782GKZly+gJkvU4Z4Rc RQCFCZJPWK6urYhvLile9Q8MvvAUnU1oIKNZJYsnAA5fcL4U9AZ6iHhvfyvINw2y bOWgxGaDQEVcS+PFVvoFnJGC02H+FnRzHu9mnTKNKxMHVLBvhCyArTSzF+U9kMjC PqczfS2qG43G5IETugbLR9KOJMR3dT6HzAeBne3UUdRW7j156qxsYuhnxbYWry11 3VmHoCAa35P1XQvouVZKCZqDZpaguJkKQSosLigzEQU9eE+WYDe1OYtUXeGNIMmK 5nIUEOHF+KYBAz/tP1Ih4HAOYK0C/PPSdXYRf3UIIxG/V3a+wkIforNwCaLd8nOe /6Je/c5sMtVLPSFcjZeFa5GxzESonuBuxPJwJkB8JbvaUJ+L5ENfsQihjd+VBgPB PnHdGpo53gTWl6B/jUxbt3nKB3MIHac5qp4dowAYWJ57ILqzFUqq2Y7znDTIlerS jhrm/1ES54I= =CBYn -----END PGP SIGNATURE-----