English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.815875
Category:Mac OS X Local Security Checks
Title:Apple Mac OS X Security Updates (HT210788)-02
Summary:Apple Mac OS X is prone to multiple vulnerabilities.
Description:Summary:
Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to,

- Multiple memory corruption issues related to an improper memory handling.

- A logic issue was addressed with improved state management.

- A buffer overflow was addressed with improved bounds checking.

For more information about the vulnerabilities refer to Reference links.

Vulnerability Impact:
Successful exploitation of these vulnerabilities
allow remote attackers to execute arbitrary code, bypass security restrictions,
disclose sensitive information and cause a denial of service on affected system.

Affected Software/OS:
Apple Mac OS X versions 10.15 prior to 10.15.2,
10.13.x prior to 10.13.6 Security Update 2019-007 and 10.14.x prior to 10.14.6
Security Update 2019-002.

Solution:
Upgrade to Apple Mac OS X 10.15.2 or later
or apply Security Update 2019-007 on 10.13.6 or apply Security Update 2019-002
on 10.14.6.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-8837
https://support.apple.com/en-us/HT210788
Common Vulnerability Exposure (CVE) ID: CVE-2019-8848
https://support.apple.com/en-us/HT210785
https://support.apple.com/en-us/HT210789
https://support.apple.com/en-us/HT210790
https://support.apple.com/en-us/HT210793
https://support.apple.com/en-us/HT210794
https://support.apple.com/en-us/HT210795
Common Vulnerability Exposure (CVE) ID: CVE-2019-8842
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
Common Vulnerability Exposure (CVE) ID: CVE-2019-8839
Common Vulnerability Exposure (CVE) ID: CVE-2019-8830
https://support.apple.com/en-us/HT210787
https://support.apple.com/en-us/HT210791
Common Vulnerability Exposure (CVE) ID: CVE-2019-8851
Common Vulnerability Exposure (CVE) ID: CVE-2019-8833
Common Vulnerability Exposure (CVE) ID: CVE-2019-8828
Common Vulnerability Exposure (CVE) ID: CVE-2019-8838
Common Vulnerability Exposure (CVE) ID: CVE-2019-8847
Common Vulnerability Exposure (CVE) ID: CVE-2019-8852
Common Vulnerability Exposure (CVE) ID: CVE-2019-15903
Bugtraq: 20190917 [slackware-security] expat (SSA:2019-259-01) (Google Search)
https://seclists.org/bugtraq/2019/Sep/30
Bugtraq: 20190923 [SECURITY] [DSA 4530-1] expat security update (Google Search)
https://seclists.org/bugtraq/2019/Sep/37
Bugtraq: 20191021 [slackware-security] python (SSA:2019-293-01) (Google Search)
https://seclists.org/bugtraq/2019/Oct/29
Bugtraq: 20191101 [SECURITY] [DSA 4549-1] firefox-esr security update (Google Search)
https://seclists.org/bugtraq/2019/Nov/1
Bugtraq: 20191118 [SECURITY] [DSA 4571-1] thunderbird security update (Google Search)
https://seclists.org/bugtraq/2019/Nov/24
Bugtraq: 20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra (Google Search)
https://seclists.org/bugtraq/2019/Dec/23
Bugtraq: 20191211 APPLE-SA-2019-12-10-5 tvOS 13.3 (Google Search)
https://seclists.org/bugtraq/2019/Dec/21
Bugtraq: 20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1 (Google Search)
https://seclists.org/bugtraq/2019/Dec/17
https://github.com/libexpat/libexpat/issues/342
https://security.netapp.com/advisory/ntap-20190926-0004/
https://support.apple.com/kb/HT210785
https://support.apple.com/kb/HT210788
https://support.apple.com/kb/HT210789
https://support.apple.com/kb/HT210790
https://support.apple.com/kb/HT210793
https://support.apple.com/kb/HT210794
https://support.apple.com/kb/HT210795
Debian Security Information: DSA-4530 (Google Search)
https://www.debian.org/security/2019/dsa-4530
Debian Security Information: DSA-4549 (Google Search)
https://www.debian.org/security/2019/dsa-4549
Debian Security Information: DSA-4571 (Google Search)
https://www.debian.org/security/2019/dsa-4571
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
http://seclists.org/fulldisclosure/2019/Dec/23
http://seclists.org/fulldisclosure/2019/Dec/26
http://seclists.org/fulldisclosure/2019/Dec/27
http://seclists.org/fulldisclosure/2019/Dec/30
https://security.gentoo.org/glsa/201911-08
http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
https://github.com/libexpat/libexpat/issues/317
https://github.com/libexpat/libexpat/pull/318
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
RedHat Security Advisories: RHSA-2019:3210
https://access.redhat.com/errata/RHSA-2019:3210
RedHat Security Advisories: RHSA-2019:3237
https://access.redhat.com/errata/RHSA-2019:3237
RedHat Security Advisories: RHSA-2019:3756
https://access.redhat.com/errata/RHSA-2019:3756
SuSE Security Announcement: openSUSE-SU-2019:2204 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
SuSE Security Announcement: openSUSE-SU-2019:2205 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
SuSE Security Announcement: openSUSE-SU-2019:2420 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
SuSE Security Announcement: openSUSE-SU-2019:2424 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
SuSE Security Announcement: openSUSE-SU-2019:2425 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
SuSE Security Announcement: openSUSE-SU-2019:2447 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
SuSE Security Announcement: openSUSE-SU-2019:2451 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
SuSE Security Announcement: openSUSE-SU-2019:2452 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
SuSE Security Announcement: openSUSE-SU-2019:2459 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
SuSE Security Announcement: openSUSE-SU-2019:2464 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
SuSE Security Announcement: openSUSE-SU-2020:0010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
https://usn.ubuntu.com/4132-1/
https://usn.ubuntu.com/4132-2/
https://usn.ubuntu.com/4165-1/
https://usn.ubuntu.com/4202-1/
https://usn.ubuntu.com/4335-1/
Common Vulnerability Exposure (CVE) ID: CVE-2012-1164
20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
48372
http://secunia.com/advisories/48372
49607
http://secunia.com/advisories/49607
52404
http://www.securityfocus.com/bid/52404
GLSA-201406-36
http://security.gentoo.org/glsa/glsa-201406-36.xml
MDVSA-2012:130
http://www.mandriva.com/security/advisories?name=MDVSA-2012:130
RHSA-2012:0899
http://rhn.redhat.com/errata/RHSA-2012-0899.html
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7143
http://www.openldap.org/software/release/changes.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-2668
1027127
http://www.securitytracker.com/id?1027127
53823
http://www.securityfocus.com/bid/53823
RHSA-2012:1151
http://rhn.redhat.com/errata/RHSA-2012-1151.html
[oss-security] 20120605 CVE request: openldap does not honor TLSCipherSuite configuration option
http://www.openwall.com/lists/oss-security/2012/06/05/4
[oss-security] 20120605 Re: CVE request: openldap does not honor TLSCipherSuite configuration option
http://www.openwall.com/lists/oss-security/2012/06/06/1
[oss-security] 20120606 Re: CVE request: openldap does not honor TLSCipherSuite configuration option
http://www.openwall.com/lists/oss-security/2012/06/06/2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=2c2bb2e
http://www.openldap.org/its/index.cgi?findid=7285
https://bugzilla.redhat.com/show_bug.cgi?id=825875
openldap-nss-weak-security(76099)
https://exchange.xforce.ibmcloud.com/vulnerabilities/76099
Common Vulnerability Exposure (CVE) ID: CVE-2013-4449
1029711
http://www.securitytracker.com/id/1029711
20140401 Cisco Unified Communications Manager Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-4449
63190
http://www.securityfocus.com/bid/63190
DSA-3209
http://www.debian.org/security/2015/dsa-3209
MDVSA-2014:026
http://www.mandriva.com/security/advisories?name=MDVSA-2014:026
RHSA-2014:0126
http://rhn.redhat.com/errata/RHSA-2014-0126.html
RHSA-2014:0206
http://rhn.redhat.com/errata/RHSA-2014-0206.html
[oss-security] 20131018 Re: CVE request: slapd segfaults on certain queries with rwm overlay enabled
http://www.openwall.com/lists/oss-security/2013/10/19/3
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
http://www.openldap.org/its/index.cgi/Incoming?id=7723
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
https://bugzilla.redhat.com/show_bug.cgi?id=1019490
Common Vulnerability Exposure (CVE) ID: CVE-2015-1545
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
BugTraq ID: 72519
http://www.securityfocus.com/bid/72519
Debian Security Information: DSA-3209 (Google Search)
http://www.mandriva.com/security/advisories?name=MDVSA-2015:073
http://www.mandriva.com/security/advisories?name=MDVSA-2015:074
http://www.openwall.com/lists/oss-security/2015/02/07/3
http://www.securitytracker.com/id/1032399
http://secunia.com/advisories/62787
SuSE Security Announcement: openSUSE-SU-2015:1325 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html
XForce ISS Database: openldap-cve20151545-dos(100937)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100937
Common Vulnerability Exposure (CVE) ID: CVE-2019-13057
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
https://security.netapp.com/advisory/ntap-20190822-0004/
https://www.openldap.org/lists/openldap-announce/201907/msg00001.html
https://www.openldap.org/its/?findid=9038
https://www.oracle.com/security-alerts/cpuapr2022.html
https://lists.debian.org/debian-lts-announce/2019/08/msg00024.html
SuSE Security Announcement: openSUSE-SU-2019:2157 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html
SuSE Security Announcement: openSUSE-SU-2019:2176 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html
https://usn.ubuntu.com/4078-1/
https://usn.ubuntu.com/4078-2/
Common Vulnerability Exposure (CVE) ID: CVE-2019-13565
https://support.f5.com/csp/article/K98008862?utm_source=f5support&utm_medium=RSS
https://www.openldap.org/its/index.cgi/?findid=9052
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
Common Vulnerability Exposure (CVE) ID: CVE-2019-8832
Common Vulnerability Exposure (CVE) ID: CVE-2017-16808
Bugtraq: 20191002 [slackware-security] tcpdump (SSA:2019-274-01) (Google Search)
https://seclists.org/bugtraq/2019/Oct/2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/
http://packetstormsecurity.com/files/154710/Slackware-Security-Advisory-tcpdump-Updates.html
https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://www.securitytracker.com/id/1039773
SuSE Security Announcement: openSUSE-SU-2019:1964 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html
SuSE Security Announcement: openSUSE-SU-2019:2344 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html
SuSE Security Announcement: openSUSE-SU-2019:2348 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
https://usn.ubuntu.com/4252-1/
https://usn.ubuntu.com/4252-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-10103
Bugtraq: 20191021 [SECURITY] [DSA 4547-1] tcpdump security update (Google Search)
https://seclists.org/bugtraq/2019/Oct/28
Debian Security Information: DSA-4547 (Google Search)
https://www.debian.org/security/2019/dsa-4547
https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-10105
Common Vulnerability Exposure (CVE) ID: CVE-2018-14461
Common Vulnerability Exposure (CVE) ID: CVE-2018-14462
Common Vulnerability Exposure (CVE) ID: CVE-2018-14463
Common Vulnerability Exposure (CVE) ID: CVE-2018-14464
Common Vulnerability Exposure (CVE) ID: CVE-2018-14465
Common Vulnerability Exposure (CVE) ID: CVE-2018-14466
Common Vulnerability Exposure (CVE) ID: CVE-2018-14467
Common Vulnerability Exposure (CVE) ID: CVE-2018-14468
Common Vulnerability Exposure (CVE) ID: CVE-2018-14469
Common Vulnerability Exposure (CVE) ID: CVE-2018-14470
Common Vulnerability Exposure (CVE) ID: CVE-2018-14879
Common Vulnerability Exposure (CVE) ID: CVE-2018-14880
Common Vulnerability Exposure (CVE) ID: CVE-2018-14881
Common Vulnerability Exposure (CVE) ID: CVE-2018-14882
Common Vulnerability Exposure (CVE) ID: CVE-2018-16227
Common Vulnerability Exposure (CVE) ID: CVE-2018-16228
Common Vulnerability Exposure (CVE) ID: CVE-2018-16229
Common Vulnerability Exposure (CVE) ID: CVE-2018-16230
Common Vulnerability Exposure (CVE) ID: CVE-2018-16300
Common Vulnerability Exposure (CVE) ID: CVE-2018-16301
https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd
Common Vulnerability Exposure (CVE) ID: CVE-2018-16451
Common Vulnerability Exposure (CVE) ID: CVE-2018-16452
Common Vulnerability Exposure (CVE) ID: CVE-2019-15166
https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4
https://security.netapp.com/advisory/ntap-20200120-0001/
Common Vulnerability Exposure (CVE) ID: CVE-2019-15167
CopyrightCopyright (C) 2019 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.