Mac OS X Local Security Checks : Apple Mac OS X iWork 9.1 Update

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.802146

Categoría: Mac OS X Local Security Checks

Título: Apple Mac OS X iWork 9.1 Update

Resumen: This host is missing an important security update according to; Mac OS X iWork 9.1 Update.

Descripción: Summary:
This host is missing an important security update according to
Mac OS X iWork 9.1 Update.

Vulnerability Insight:
The flaws are due to

- a buffer overflow error, while handling the 'Excel' files.

- a memory corruption issue, while handling the 'Excel' files and Microsoft
Word documents.

Vulnerability Impact:
Successful exploitation could allow attackers to opening a maliciously
crafted files, which leads to an unexpected application termination or arbitrary code execution.

Affected Software/OS:
Mac OS X iWork version 9.0 through 9.0.5.

Solution:
Apply the update from the referenced link.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3785
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html
http://www.securitytracker.com/id?1024723
Common Vulnerability Exposure (CVE) ID: CVE-2010-3786
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881
http://secunia.com/advisories/42314
http://www.vupen.com/english/advisories/2010/3046
Common Vulnerability Exposure (CVE) ID: CVE-2011-1417
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html
http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00005.html
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
http://www.zdnet.com/blog/security/charlie-miller-wins-pwn2own-again-with-iphone-4-exploit/8378
http://www.zerodayinitiative.com/advisories/ZDI-11-109/
http://secunia.com/advisories/44154

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.802146
Categoría:	Mac OS X Local Security Checks
Título:	Apple Mac OS X iWork 9.1 Update
Resumen:	This host is missing an important security update according to; Mac OS X iWork 9.1 Update.
Descripción:	Summary: This host is missing an important security update according to Mac OS X iWork 9.1 Update. Vulnerability Insight: The flaws are due to - a buffer overflow error, while handling the 'Excel' files. - a memory corruption issue, while handling the 'Excel' files and Microsoft Word documents. Vulnerability Impact: Successful exploitation could allow attackers to opening a maliciously crafted files, which leads to an unexpected application termination or arbitrary code execution. Affected Software/OS: Mac OS X iWork version 9.0 through 9.0.5. Solution: Apply the update from the referenced link. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3785 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html http://www.securitytracker.com/id?1024723 Common Vulnerability Exposure (CVE) ID: CVE-2010-3786 http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881 http://secunia.com/advisories/42314 http://www.vupen.com/english/advisories/2010/3046 Common Vulnerability Exposure (CVE) ID: CVE-2011-1417 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00005.html http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 http://www.zdnet.com/blog/security/charlie-miller-wins-pwn2own-again-with-iphone-4-exploit/8378 http://www.zerodayinitiative.com/advisories/ZDI-11-109/ http://secunia.com/advisories/44154
Copyright	Copyright (C) 2011 Greenbone AG