Andrew Wellington

Name of the Vulnerable Software and Affected Versions: Apple Safari versions prior to 4.0 Description: A race condition exists in the Reset Safari implementation, potentially allowing local users to read stored web-site passwords via unspecified vectors. Recommendations: For versions prior to 4.0, update to version 4.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mac OS X versions 10.4.7 OS X Server versions 10.4.7 **Description** The issue is related to a buffer overflow in the Xsan Filesystem driver, allowing local users with Xsan write access to execute arbitrary code. This is due to the processing of a path name. **Recommendations** For Mac OS X version 10.4.7, update to a newer version to mitigate the risk. For OS X Server version 10.4.7, update to a newer version to mitigate the risk.