| Description: | Summary:
Apple Mac OS X is prone to multiple vulnerabilities.
Vulnerability Insight:
The Security update includes,
- A validation issue was addressed with improved input sanitization.
- An out-of-bounds read issue existed in X.509 IPAddressFamily parsing.
- A type confusion issue was addressed with improved memory handling.
- A memory corruption issue was addressed with improved memory handling.
- Multiple issues were addressed by updating to version 2.4.28.
- Multiple memory corruption issues were addressed through improved state management.
- An out-of-bounds read was addressed with improved bounds checking.
- An out-of-bounds read issue existed in the FTP PWD response parsing.
- An integer overflow error.
- An input validation issue existed in the kernel.
Vulnerability Impact:
Successful exploitation will allow remote
attackers to read restricted memory, execute arbitrary code with system
privileges.
Affected Software/OS:
Apple Mac OS X versions 10.13.x through
10.13.1, 10.12.x through 10.12.6 prior to Security Update 2017-002 Sierra,
10.11.x through 10.11.6 prior to Security Update 2017-005 El Capitan.
Solution:
The vendor has released updates. Please see the references for more information.
CVSS Score:
9.3
CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
