Mac OS X Local Security Checks : Apple Mac OS X Multiple Vulnerabilities-03 (Feb 2017)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.810569
Category:	Mac OS X Local Security Checks
Title:	Apple Mac OS X Multiple Vulnerabilities-03 (Feb 2017)
Summary:	Apple Mac OS X is prone to multiple vulnerabilities.
Description:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Multiple null pointer dereference errors. - A logging issue in the handling of passwords. - An issue existed in the parsing of disk images. - A logic issue in libxpc. - An issue within the path validation logic for symlinks in libarchive. - Multiple object lifetime issues existed when spawning new processes. - Multiple input validation issues existed in MIG generated code. - An impersonation issue existed in the handling of call switching in the IDS - Connectivity. - A buffer overflow existed in the handling of font files. - An out-of-bounds read error in FontParser. - An user interface inconsistencies existed in the handling of relayed calls in FaceTime. - A phishing issue existed in the handling of proxy credentials. - Multiple memory corruption errors. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code or cause a denial of service, elevate privileges, gain access to potentially sensitive information and overwrite arbitrary files. Affected Software/OS: Apple Mac OS X versions 10.10.x through 10.10.5 prior to build 14F2009, 10.11.x prior to build 15G1108 and 10.12.x prior to 10.12.1 Solution: Upgrade to Apple Mac OS X version 10.12.1 or later or apply appropriate patch. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7584 BugTraq ID: 94571 http://www.securityfocus.com/bid/94571 Common Vulnerability Exposure (CVE) ID: CVE-2016-4678 BugTraq ID: 93852 http://www.securityfocus.com/bid/93852 http://www.securitytracker.com/id/1037086 Common Vulnerability Exposure (CVE) ID: CVE-2016-4667 Common Vulnerability Exposure (CVE) ID: CVE-2016-4674 Common Vulnerability Exposure (CVE) ID: CVE-2016-7579 BugTraq ID: 93856 http://www.securityfocus.com/bid/93856 Common Vulnerability Exposure (CVE) ID: CVE-2016-4673 BugTraq ID: 93849 http://www.securityfocus.com/bid/93849 Common Vulnerability Exposure (CVE) ID: CVE-2016-7577 BugTraq ID: 94429 http://www.securityfocus.com/bid/94429 Common Vulnerability Exposure (CVE) ID: CVE-2016-4660 Common Vulnerability Exposure (CVE) ID: CVE-2016-4688 BugTraq ID: 94572 http://www.securityfocus.com/bid/94572 http://www.securitytracker.com/id/1037469 Common Vulnerability Exposure (CVE) ID: CVE-2016-4721 Common Vulnerability Exposure (CVE) ID: CVE-2016-4669 https://www.exploit-db.com/exploits/40654/ http://packetstormsecurity.com/files/158874/Safari-Webkit-For-iOS-7.1.2-JIT-Optimization-Bug.html Common Vulnerability Exposure (CVE) ID: CVE-2016-7613 BugTraq ID: 94116 http://www.securityfocus.com/bid/94116 Common Vulnerability Exposure (CVE) ID: CVE-2016-4679 Common Vulnerability Exposure (CVE) ID: CVE-2016-4675 Common Vulnerability Exposure (CVE) ID: CVE-2016-4661 Common Vulnerability Exposure (CVE) ID: CVE-2016-4670 BugTraq ID: 94433 http://www.securityfocus.com/bid/94433 Common Vulnerability Exposure (CVE) ID: CVE-2016-4780
Copyright	Copyright (C) 2017 Greenbone AG