I installed Security Update 2006-003 for Mac OS X last night when I sat and procrastinated going to bed because it always makes me feel worse lying down when my brain is swimming in snot as it has been the last four days.
There are about 20 occurrences of the text “…may lead to arbitrary code execution” in the list of fixes. I had planned to go through them here, but Thomas Ptacek has already done a better job than I could, including a good catch about securityd(1), although I think the updates to securityd(1) are closely coupled to the documented changes in Keychain Access.
Ptacek remarks that
like that a number of these vulnerabilities appear to have been found internally (assuming that is what uncredited vulnerabilities mean); curiously many of those uncredited vulnerabilities look like what Tom Ferris found, and now Ferris says they're all fixed by this update. Maybe Apple already knew about these things before Ferris contacted them, and it's OK not giving him credit, or Apple is being rather un-nice. I don't know.
UPDATE: actually that weblog entry was written by Dave Goldsmith, not Thomas Ptacek as I wrote first. It turns out it's a group weblog now, but it used to be only Ptacek writing there. I swear. Really.