Mac OS X Local Security Checks : Apple Mac OS X Multiple Vulnerabilities-02 (Mar 2016)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.806695
Category:	Mac OS X Local Security Checks
Title:	Apple Mac OS X Multiple Vulnerabilities-02 (Mar 2016)
Summary:	Apple Mac OS X is prone to multiple vulnerabilities.
Description:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Please see the references for more information on the vulnerabilities. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code or cause a denial of service (memory corruption), gain access to potentially sensitive information, trigger a dialing action via a tel: URL, bypass a code-signing protection mechanism. Affected Software/OS: Apple Mac OS X versions 10.9.x before 10.9.5 and 10.10.x before 10.10.5 Solution: Apply the appropriate security patch from the vendor. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1754 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://www.securitytracker.com/id/1035353 Common Vulnerability Exposure (CVE) ID: CVE-2016-1755 https://www.exploit-db.com/exploits/39614/ Common Vulnerability Exposure (CVE) ID: CVE-2016-1759 http://www.securitytracker.com/id/1035363 Common Vulnerability Exposure (CVE) ID: CVE-2016-1761 http://www.zerodayinitiative.com/advisories/ZDI-16-203 Common Vulnerability Exposure (CVE) ID: CVE-2016-1765 http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html http://www.securitytracker.com/id/1035352 Common Vulnerability Exposure (CVE) ID: CVE-2015-8472 BugTraq ID: 78624 http://www.securityfocus.com/bid/78624 Debian Security Information: DSA-3443 (Google Search) http://www.debian.org/security/2016/dsa-3443 http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html http://www.openwall.com/lists/oss-security/2015/12/03/6 RedHat Security Advisories: RHSA-2015:2594 http://rhn.redhat.com/errata/RHSA-2015-2594.html RedHat Security Advisories: RHSA-2015:2595 http://rhn.redhat.com/errata/RHSA-2015-2595.html RedHat Security Advisories: RHSA-2015:2596 http://rhn.redhat.com/errata/RHSA-2015-2596.html RedHat Security Advisories: RHSA-2016:0055 http://rhn.redhat.com/errata/RHSA-2016-0055.html RedHat Security Advisories: RHSA-2016:0056 http://rhn.redhat.com/errata/RHSA-2016-0056.html RedHat Security Advisories: RHSA-2016:0057 http://rhn.redhat.com/errata/RHSA-2016-0057.html RedHat Security Advisories: RHSA-2016:1430 https://access.redhat.com/errata/RHSA-2016:1430 SuSE Security Announcement: SUSE-SU-2016:0256 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html SuSE Security Announcement: SUSE-SU-2016:0265 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html SuSE Security Announcement: SUSE-SU-2016:0269 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html SuSE Security Announcement: openSUSE-SU-2016:0263 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html SuSE Security Announcement: openSUSE-SU-2016:0268 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html SuSE Security Announcement: openSUSE-SU-2016:0270 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html SuSE Security Announcement: openSUSE-SU-2016:0272 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html SuSE Security Announcement: openSUSE-SU-2016:0279 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1819 1034243 http://www.securitytracker.com/id/1034243 75570 http://www.securityfocus.com/bid/75570 APPLE-SA-2016-03-21-1 APPLE-SA-2016-03-21-2 APPLE-SA-2016-03-21-3 APPLE-SA-2016-03-21-5 DSA-3430 http://www.debian.org/security/2015/dsa-3430 FEDORA-2015-037f844d3e http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html FEDORA-2015-c24af963a2 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html GLSA-201507-08 https://security.gentoo.org/glsa/201507-08 GLSA-201701-37 https://security.gentoo.org/glsa/201701-37 RHSA-2015:1419 http://rhn.redhat.com/errata/RHSA-2015-1419.html RHSA-2015:2550 http://rhn.redhat.com/errata/RHSA-2015-2550.html USN-2812-1 http://www.ubuntu.com/usn/USN-2812-1 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://xmlsoft.org/news.html https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9 https://support.apple.com/HT206166 https://support.apple.com/HT206167 https://support.apple.com/HT206168 https://support.apple.com/HT206169 openSUSE-SU-2015:2372 http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html openSUSE-SU-2016:0106 http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html Common Vulnerability Exposure (CVE) ID: CVE-2015-5312 79536 http://www.securityfocus.com/bid/79536 HPSBGN03537 http://marc.info/?l=bugtraq&m=145382616617563&w=2 RHSA-2015:2549 http://rhn.redhat.com/errata/RHSA-2015-2549.html RHSA-2016:1089 http://rhn.redhat.com/errata/RHSA-2016-1089.html USN-2834-1 http://www.ubuntu.com/usn/USN-2834-1 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html https://bugzilla.redhat.com/show_bug.cgi?id=1276693 https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172 Common Vulnerability Exposure (CVE) ID: CVE-2015-7499 79509 http://www.securityfocus.com/bid/79509 https://bugzilla.redhat.com/show_bug.cgi?id=1281925 https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da Common Vulnerability Exposure (CVE) ID: CVE-2015-7500 79562 http://www.securityfocus.com/bid/79562 https://bugzilla.redhat.com/show_bug.cgi?id=1281943 https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f Common Vulnerability Exposure (CVE) ID: CVE-2015-7942 BugTraq ID: 79507 http://www.securityfocus.com/bid/79507 Debian Security Information: DSA-3430 (Google Search) http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html HPdes Security Advisory: HPSBGN03537 http://www.openwall.com/lists/oss-security/2015/10/22/5 http://www.openwall.com/lists/oss-security/2015/10/22/8 RedHat Security Advisories: RHSA-2015:2549 RedHat Security Advisories: RHSA-2015:2550 RedHat Security Advisories: RHSA-2016:1089 SuSE Security Announcement: openSUSE-SU-2015:2372 (Google Search) SuSE Security Announcement: openSUSE-SU-2016:0106 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2015-8035 BugTraq ID: 77390 http://www.securityfocus.com/bid/77390 http://www.openwall.com/lists/oss-security/2015/11/02/2 http://www.openwall.com/lists/oss-security/2015/11/02/4 http://www.openwall.com/lists/oss-security/2015/11/03/1 Common Vulnerability Exposure (CVE) ID: CVE-2015-8242 BugTraq ID: 77681 http://www.securityfocus.com/bid/77681 http://www.openwall.com/lists/oss-security/2015/11/17/5 http://www.openwall.com/lists/oss-security/2015/11/18/23 Common Vulnerability Exposure (CVE) ID: CVE-2016-1762 http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html BugTraq ID: 85059 http://www.securityfocus.com/bid/85059 Debian Security Information: DSA-3593 (Google Search) https://www.debian.org/security/2016/dsa-3593 RedHat Security Advisories: RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292 RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.ubuntu.com/usn/USN-2994-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-0777 BugTraq ID: 80695 http://www.securityfocus.com/bid/80695 Bugtraq: 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 (Google Search) http://www.securityfocus.com/archive/1/537295/100/0/threaded Debian Security Information: DSA-3446 (Google Search) http://www.debian.org/security/2016/dsa-3446 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html FreeBSD Security Advisory: FreeBSD-SA-16:07 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc http://seclists.org/fulldisclosure/2016/Jan/44 https://security.gentoo.org/glsa/201601-01 http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html http://www.openwall.com/lists/oss-security/2016/01/14/7 http://www.securitytracker.com/id/1034671 SuSE Security Announcement: SUSE-SU-2016:0117 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html SuSE Security Announcement: SUSE-SU-2016:0118 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html SuSE Security Announcement: SUSE-SU-2016:0119 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html SuSE Security Announcement: SUSE-SU-2016:0120 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html SuSE Security Announcement: openSUSE-SU-2016:0127 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html SuSE Security Announcement: openSUSE-SU-2016:0128 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html http://www.ubuntu.com/usn/USN-2869-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-0778 BugTraq ID: 80698 http://www.securityfocus.com/bid/80698 Common Vulnerability Exposure (CVE) ID: CVE-2015-5333 http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded Common Vulnerability Exposure (CVE) ID: CVE-2015-5334 http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt http://seclists.org/fulldisclosure/2015/Oct/75 Common Vulnerability Exposure (CVE) ID: CVE-2014-9495 BugTraq ID: 71820 http://www.securityfocus.com/bid/71820 http://www.openwall.com/lists/oss-security/2015/01/04/3 http://www.openwall.com/lists/oss-security/2015/01/10/1 http://www.openwall.com/lists/oss-security/2015/01/10/3 http://sourceforge.net/p/png-mng/mailman/message/33173461/ http://sourceforge.net/p/png-mng/mailman/message/33172831/ http://www.securitytracker.com/id/1031444 http://secunia.com/advisories/62725 Common Vulnerability Exposure (CVE) ID: CVE-2015-0973 http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt Common Vulnerability Exposure (CVE) ID: CVE-2016-1791 http://lists.apple.com/archives/security-announce/2016/May/msg00004.html BugTraq ID: 90696 http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 Common Vulnerability Exposure (CVE) ID: CVE-2016-1800 Common Vulnerability Exposure (CVE) ID: CVE-2016-1833 http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html BugTraq ID: 90691 http://www.securityfocus.com/bid/90691 https://bugs.chromium.org/p/project-zero/issues/detail?id=636 http://www.securitytracker.com/id/1035890 Common Vulnerability Exposure (CVE) ID: CVE-2016-1834 Common Vulnerability Exposure (CVE) ID: CVE-2016-1835 Common Vulnerability Exposure (CVE) ID: CVE-2016-1836 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2016-1837 Common Vulnerability Exposure (CVE) ID: CVE-2016-1838 https://bugs.chromium.org/p/project-zero/issues/detail?id=639 Common Vulnerability Exposure (CVE) ID: CVE-2016-1839 http://www.securitytracker.com/id/1038623 Common Vulnerability Exposure (CVE) ID: CVE-2016-1840 Common Vulnerability Exposure (CVE) ID: CVE-2016-1841 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/ Common Vulnerability Exposure (CVE) ID: CVE-2016-1847
Copyright	Copyright (C) 2016 Greenbone AG