FRAMINGHAM (05/03/2000) - Filemaker Inc., a developer of software for Apple Computer Inc.'s systems, plans by early next week to provide a downloadable fix for a newly discovered bug that potentially allows unauthorized access to databases posted on the Internet.
The fix could be available as early as Monday, according to a spokesman for the Santa Clara, California-based Apple subsidiary. "We believe that we have comprehensively defined and identified the bug as of yesterday," the spokesman said. "It should be a quick fix."
Details of the bug were disclosed Monday by Web software developer Blue World Communications Inc. in Bellevue, Washington. The security issues are of concern only to users of the Web Companion software included in the Filemaker Pro 5 product line.
According to a statement issued by Filemaker yesterday, some technologies in the Web Companion code may provide unauthorized access to database contents that a user might think is protected by a feature called Field-Level Security.
"Users should be aware that Field-Level Security may not be reliable," the statement said.
Another hole in the software potentially allows users to send anonymous e-mail messages through Web Companion.
The affected version of Filemaker started shipping in late January, the Filemaker spokesman said. "So far, we haven't heard of any real-world incidents" in which users have been affected by the bug, he added.