Test ID:	1.3.6.1.4.1.25623.1.0.815425
Category:	Mac OS X Local Security Checks
Title:	Apple Mac OS X Security Updates (HT210348)-01
Summary:	Apple Mac OS X is prone to multiple vulnerabilities.
Description:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An out-of-bounds read error while parsing a maliciously crafted office document in UIFoundation. - An use-after-free error when deserializing an untrusted NSDictionary. - A stack overflow due to improper input validation in libxslt. - An issue in Samba due to improper checks to prevent unauthorized actions. - An out-of-bounds read error due to improper input validation in Foundation. - A memory corruption issue in Bluetooth. Vulnerability Impact: Successful exploitation allows attackers to cause arbitrary code execution, unexpected application termination, perform unauthorized actions and view sensitive information Affected Software/OS: Apple Mac OS X versions, 10.12.x through 10.12.6, 10.13.x through 10.13.6, 10.14.x through 10.14.5 Solution: Apply appropriate security updates from the vendor. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16860 Bugtraq: 20190814 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra (Google Search) https://seclists.org/bugtraq/2019/Aug/21 Bugtraq: 20190814 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Aug/25 Bugtraq: 20190814 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3 (Google Search) https://seclists.org/bugtraq/2019/Aug/22 Bugtraq: 20190814 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Aug/23 http://seclists.org/fulldisclosure/2019/Aug/11 http://seclists.org/fulldisclosure/2019/Aug/13 http://seclists.org/fulldisclosure/2019/Aug/14 http://seclists.org/fulldisclosure/2019/Aug/15 https://security.gentoo.org/glsa/202003-52 https://www.samba.org/samba/security/CVE-2018-16860.html SuSE Security Announcement: openSUSE-SU-2019:1888 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html Common Vulnerability Exposure (CVE) ID: CVE-2019-8662 https://support.apple.com/HT210346 https://support.apple.com/HT210348 https://support.apple.com/HT210351 https://support.apple.com/HT210353 Common Vulnerability Exposure (CVE) ID: CVE-2019-8641 https://support.apple.com/HT210588 https://support.apple.com/HT210589 https://support.apple.com/HT210590 https://support.apple.com/HT210606 https://support.apple.com/HT210607 Common Vulnerability Exposure (CVE) ID: CVE-2018-19860 http://seclists.org/fulldisclosure/2019/Jul/22 https://www.broadcom.com/support/resources/product-security-center Common Vulnerability Exposure (CVE) ID: CVE-2019-8656 https://support.apple.com/en-us/HT210348 Common Vulnerability Exposure (CVE) ID: CVE-2019-8657 Common Vulnerability Exposure (CVE) ID: CVE-2019-13118 Bugtraq: 20190723 APPLE-SA-2019-7-22-1 iOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Jul/35 Bugtraq: 20190723 APPLE-SA-2019-7-22-4 watchOS 5.3 (Google Search) https://seclists.org/bugtraq/2019/Jul/36 Bugtraq: 20190723 APPLE-SA-2019-7-22-5 tvOS 12.4 (Google Search) https://seclists.org/bugtraq/2019/Jul/37 Bugtraq: 20190724 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13 (Google Search) https://seclists.org/bugtraq/2019/Jul/41 Bugtraq: 20190724 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6 (Google Search) https://seclists.org/bugtraq/2019/Jul/42 Bugtraq: 20190724 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6 (Google Search) https://seclists.org/bugtraq/2019/Jul/40 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/ http://seclists.org/fulldisclosure/2019/Jul/23 http://seclists.org/fulldisclosure/2019/Jul/24 http://seclists.org/fulldisclosure/2019/Jul/26 http://seclists.org/fulldisclosure/2019/Jul/37 http://seclists.org/fulldisclosure/2019/Jul/38 http://seclists.org/fulldisclosure/2019/Jul/31 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069 https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b https://oss-fuzz.com/testcase-detail/5197371471822848 https://www.oracle.com/security-alerts/cpujan2020.html https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html http://www.openwall.com/lists/oss-security/2019/11/17/2 SuSE Security Announcement: openSUSE-SU-2020:0731 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html https://usn.ubuntu.com/4164-1/
Copyright	Copyright (C) 2019 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.