ID de Prueba:	1.3.6.1.4.1.25623.1.0.815425
Categoría:	Mac OS X Local Security Checks
Título:	Apple Mac OS X Security Updates (HT210348)-01
Resumen:	Apple Mac OS X is prone to multiple vulnerabilities.
Descripción:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An out-of-bounds read error while parsing a maliciously crafted office document in UIFoundation. - An use-after-free error when deserializing an untrusted NSDictionary. - A stack overflow due to improper input validation in libxslt. - An issue in Samba due to improper checks to prevent unauthorized actions. - An out-of-bounds read error due to improper input validation in Foundation. - A memory corruption issue in Bluetooth. Vulnerability Impact: Successful exploitation allows attackers to cause arbitrary code execution, unexpected application termination, perform unauthorized actions and view sensitive information Affected Software/OS: Apple Mac OS X versions, 10.12.x through 10.12.6, 10.13.x through 10.13.6, 10.14.x through 10.14.5 Solution: Apply appropriate security updates from the vendor. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16860 Bugtraq: 20190814 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra (Google Search) https://seclists.org/bugtraq/2019/Aug/21 Bugtraq: 20190814 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Aug/25 Bugtraq: 20190814 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3 (Google Search) https://seclists.org/bugtraq/2019/Aug/22 Bugtraq: 20190814 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Aug/23 http://seclists.org/fulldisclosure/2019/Aug/11 http://seclists.org/fulldisclosure/2019/Aug/13 http://seclists.org/fulldisclosure/2019/Aug/14 http://seclists.org/fulldisclosure/2019/Aug/15 https://security.gentoo.org/glsa/202003-52 https://www.samba.org/samba/security/CVE-2018-16860.html SuSE Security Announcement: openSUSE-SU-2019:1888 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html Common Vulnerability Exposure (CVE) ID: CVE-2019-8662 https://support.apple.com/HT210346 https://support.apple.com/HT210348 https://support.apple.com/HT210351 https://support.apple.com/HT210353 Common Vulnerability Exposure (CVE) ID: CVE-2019-8641 https://support.apple.com/HT210588 https://support.apple.com/HT210589 https://support.apple.com/HT210590 https://support.apple.com/HT210606 https://support.apple.com/HT210607 Common Vulnerability Exposure (CVE) ID: CVE-2018-19860 http://seclists.org/fulldisclosure/2019/Jul/22 https://www.broadcom.com/support/resources/product-security-center Common Vulnerability Exposure (CVE) ID: CVE-2019-8656 https://support.apple.com/en-us/HT210348 Common Vulnerability Exposure (CVE) ID: CVE-2019-8657 Common Vulnerability Exposure (CVE) ID: CVE-2019-13118 Bugtraq: 20190723 APPLE-SA-2019-7-22-1 iOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Jul/35 Bugtraq: 20190723 APPLE-SA-2019-7-22-4 watchOS 5.3 (Google Search) https://seclists.org/bugtraq/2019/Jul/36 Bugtraq: 20190723 APPLE-SA-2019-7-22-5 tvOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Jul/37 Bugtraq: 20190724 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13 (Google Search) https://seclists.org/bugtraq/2019/Jul/41 Bugtraq: 20190724 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6 (Google Search) https://seclists.org/bugtraq/2019/Jul/42 Bugtraq: 20190724 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6 (Google Search) https://seclists.org/bugtraq/2019/Jul/40 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/ http://seclists.org/fulldisclosure/2019/Jul/23 http://seclists.org/fulldisclosure/2019/Jul/24 http://seclists.org/fulldisclosure/2019/Jul/26 http://seclists.org/fulldisclosure/2019/Jul/37 http://seclists.org/fulldisclosure/2019/Jul/38 http://seclists.org/fulldisclosure/2019/Jul/31 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069 https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b https://oss-fuzz.com/testcase-detail/5197371471822848 https://www.oracle.com/security-alerts/cpujan2020.html https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html http://www.openwall.com/lists/oss-security/2019/11/17/2 SuSE Security Announcement: openSUSE-SU-2020:0731 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html https://usn.ubuntu.com/4164-1/
Copyright	Copyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.