
Test ID:
Category: Mac OS X Local Security Checks
Title: Apple Mac OS X Multiple Vulnerabilities-01 April-2017
Summary: Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- The Wiki Server does not specify an explicit character set when serving
HTML documents in response to user requests.

- Multiple errors in SquirrelMail.

- A configuration issue exists in Apple's distribution of Samba, the server
used for SMB file sharing.

- An input validation error in the Ruby WEBrick HTTP server's handling of
error pages.

- A buffer overflow exists in libcurl's handling of gzip-compressed web

- An integer overflow exists in AES and RC4 decryption operations of the
crypto library in the KDC server.

- Multiple integer overflows in the handling of TIFF files.

- A directory traversal issue exists in iChat's handling of inline
image transfers.

- A symlink following issue exists in Folder Manager.

- Multiple errors in Adobe Flash Player plug-in.

- An uninitialized memory read issue exists in the CUPS web interface's
handling of form variables.

- A use-after-free error exists in cupsd.

- A cross-site request forgery issue exists in the CUPS web interface.

Vulnerability Impact:
Successful exploitation will allow an attacker
to conduct cross-site scripting attacks, access sensitive information, cause
an unexpected application termination or arbitrary code execution, upload
files to arbitrary locations on the filesystem of a user and cause privilege

Affected Software/OS:
Apple Mac OS X and Mac OS X Server
version 10.5.8, 10.6 through 10.6.3

The vendor has released updates. Please see the references for more information.

CVSS Score:

CVSS Vector:

Cross-references:
Common Vulnerability Exposure (CVE) ID: CVE-2010-0540
BugTraq ID: 40871
Debian Security Information: DSA-2176
Common Vulnerability Exposure (CVE) ID: CVE-2010-0302
BugTraq ID: 38510
RedHat Security Advisories: RHSA-2010:0129
Common Vulnerability Exposure (CVE) ID: CVE-2010-1748
SuSE Security Announcement: SUSE-SR:2010:023
Common Vulnerability Exposure (CVE) ID: CVE-2010-0545
Common Vulnerability Exposure (CVE) ID: CVE-2010-0186
BugTraq ID: 38198
RedHat Security Advisories: RHSA-2010:0102
RedHat Security Advisories: RHSA-2010:0103
SuSE Security Announcement: SUSE-SR:2010:006
Common Vulnerability Exposure (CVE) ID: CVE-2010-0187
BugTraq ID: 38200
Common Vulnerability Exposure (CVE) ID: CVE-2010-0546
Common Vulnerability Exposure (CVE) ID: CVE-2010-1374
Common Vulnerability Exposure (CVE) ID: CVE-2010-1411
BugTraq ID: 40823
SuSE Security Announcement: SUSE-SR:2010:014
Common Vulnerability Exposure (CVE) ID: CVE-2009-4212
BugTraq ID: 37749
Debian Security Information: DSA-1969
HPdes Security Advisory: HPSBOV02682
HPdes Security Advisory: SSRT100495
RedHat Security Advisories: RHSA-2010:0029
RedHat Security Advisories: RHSA-2010:0095
Common Vulnerability Exposure (CVE) ID: CVE-2010-0734
Bugtraq: 20101027 rPSA-2010-0072-1 curl
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Debian Security Information: DSA-2023
Common Vulnerability Exposure (CVE) ID: CVE-2010-0541
BugTraq ID: 40895
Common Vulnerability Exposure (CVE) ID: CVE-2010-1381
Common Vulnerability Exposure (CVE) ID: CVE-2009-1578
BugTraq ID: 34916
Debian Security Information: DSA-1802
XForce ISS Database: squirrelmail-decryptheaders-xss(50460)
XForce ISS Database: squirrelmail-phpself-xss(50459)
Common Vulnerability Exposure (CVE) ID: CVE-2009-1579
XForce ISS Database: squirrelmail-mapypalias-code-execution(50461)
Common Vulnerability Exposure (CVE) ID: CVE-2009-1580
XForce ISS Database: squirrelmail-baseuri-session-hijacking(50462)
Common Vulnerability Exposure (CVE) ID: CVE-2009-1581
XForce ISS Database: squirrelmail-css-xss(50463)
Common Vulnerability Exposure (CVE) ID: CVE-2009-2964
BugTraq ID: 36196
Debian Security Information: DSA-2091
XForce ISS Database: squirrelmail-unspecified-csrf(52406)
Common Vulnerability Exposure (CVE) ID: CVE-2010-1382
Copyright: Copyright (C) 2017 Greenbone Networks GmbH


© 1998-2021 E-Soft Inc. All rights reserved.