Test ID:	1.3.6.1.4.1.25623.1.0.805484
Category:	Mac OS X Local Security Checks
Title:	Apple Mac OS X Multiple Vulnerabilities -02 (Mar 2015)
Summary:	Apple Mac OS X is prone to multiple vulnerabilities.
Description:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The flaw in Spotlight that is triggered as the status of Mails 'load remote content in messages' setting is not properly checked - The flaw in the Bluetooth driver that is triggered can allow a specially crafted application to control the size of a write to kernel memory. Vulnerability Impact: Successful exploitation will allow remote attackers to determine the IP address of the recipient of an email, a local attacker to gain elevated privileges. Affected Software/OS: Apple Mac OS X version 10.10.x through 10.10.1 Solution: Upgrade to Apple Mac OS X version 10.10.2 CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8839 http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://heise.de/newsticker/meldung/Datenschutzpanne-in-Mac-OS-X-Yosemite-2514198.html http://www.theregister.co.uk/2015/01/10/spotlight_caught_spreading_your_delicates/ http://securitytracker.com/id/1031521 XForce ISS Database: macosx-cve20148839-sec-bypass(100527) https://exchange.xforce.ibmcloud.com/vulnerabilities/100527 Common Vulnerability Exposure (CVE) ID: CVE-2014-8836 http://code.google.com/p/google-security-research/issues/detail?id=136 http://www.securitytracker.com/id/1031626 XForce ISS Database: macosx-cve20148836-priv-esc(100490) https://exchange.xforce.ibmcloud.com/vulnerabilities/100490
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.