[原文]Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes.
Apple Mac OS X Mail Enriched Text Color Arbitrary Class Allocation Code Execution
Remote / Network Access
Loss of Integrity
Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when invalid color information is included in enriched text email, which could cause the allocation and initialization of arbitrary classes. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
Install Apple Security Update 2006-003, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.