Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Mac OS X Local Security Checks
Title:Apple Mac OS X Multiple Vulnerabilities-02 November-2016
Summary:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- The windowServer does not prevent session creation by a sandboxed

- A format string error in CoreServicesUIAgent.

- The Intel Graphics Driver does not properly validate a certain pointer.

- A buffer overflow error in ImageIO.

- An improper implementation of power management.

- The kernel places a kernel pointer into an XNU object data structure
accessible from user space.

- An error in Heimdal Kerberos.

- An error in CFNetwork HTTPProtocol.

- An error in IOKit Kernel.

- An integer overflow issue existed in LibYAML's handling of YAML tags.

- A heap-based buffer overflow issue error in Ruby.

- An error in secure transport regarding renegotiation.

Vulnerability Impact:
Successful exploitation will allow attacker
to execute arbitrary code or cause a denial of service (memory corruption), to
gain sensitive information and to bypass certain protection mechanism and
have other impacts.

Affected Software/OS:
Apple Mac OS X versions 10.9.x through

Updates are available.

CVSS Score:

CVSS Vector:

Cross-Ref: BugTraq ID: 63873
BugTraq ID: 67030
BugTraq ID: 67029
BugTraq ID: 67028
BugTraq ID: 67023
BugTraq ID: 67024
BugTraq ID: 67027
BugTraq ID: 65258
BugTraq ID: 67025
Common Vulnerability Exposure (CVE) ID: CVE-2014-1314
Common Vulnerability Exposure (CVE) ID: CVE-2014-1315
Common Vulnerability Exposure (CVE) ID: CVE-2014-1316
Common Vulnerability Exposure (CVE) ID: CVE-2014-1318
Common Vulnerability Exposure (CVE) ID: CVE-2014-1319
Common Vulnerability Exposure (CVE) ID: CVE-2014-1321
Common Vulnerability Exposure (CVE) ID: CVE-2014-1322
Common Vulnerability Exposure (CVE) ID: CVE-2014-1296
Common Vulnerability Exposure (CVE) ID: CVE-2014-1320
Common Vulnerability Exposure (CVE) ID: CVE-2013-6393
Debian Security Information: DSA-2850 (Google Search)
Debian Security Information: DSA-2870 (Google Search)
RedHat Security Advisories: RHSA-2014:0353
RedHat Security Advisories: RHSA-2014:0354
RedHat Security Advisories: RHSA-2014:0355
SuSE Security Announcement: openSUSE-SU-2014:0272 (Google Search)
SuSE Security Announcement: openSUSE-SU-2014:0273 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:0319 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1067 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-4164
Debian Security Information: DSA-2809 (Google Search)
Debian Security Information: DSA-2810 (Google Search)
RedHat Security Advisories: RHSA-2013:1763
RedHat Security Advisories: RHSA-2013:1764
RedHat Security Advisories: RHSA-2013:1767
RedHat Security Advisories: RHSA-2014:0011
RedHat Security Advisories: RHSA-2014:0215
SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-1295
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.