Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.810220
Category:Mac OS X Local Security Checks
Title:Apple Mac OS X Multiple Vulnerabilities-02 November-2016
Summary:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
Description:Summary:
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- The windowServer does not prevent session creation by a sandboxed
application.

- A format string error in CoreServicesUIAgent.

- The Intel Graphics Driver does not properly validate a certain pointer.

- A buffer overflow error in ImageIO.

- An improper implementation of power management.

- The kernel places a kernel pointer into an XNU object data structure
accessible from user space.

- An error in Heimdal Kerberos.

- An error in CFNetwork HTTPProtocol.

- An error in IOKit Kernel.

- An integer overflow issue existed in LibYAML's handling of YAML tags.

- A heap-based buffer overflow issue error in Ruby.

- An error in secure transport regarding renegotiation.

Vulnerability Impact:
Successful exploitation will allow attacker
to execute arbitrary code or cause a denial of service (memory corruption), to
gain sensitive information and to bypass certain protection mechanism and
have other impacts.

Affected Software/OS:
Apple Mac OS X versions 10.9.x through
10.9.2

Solution:
Updates are available.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 63873
BugTraq ID: 67030
BugTraq ID: 67029
BugTraq ID: 67028
BugTraq ID: 67023
BugTraq ID: 67024
BugTraq ID: 67027
BugTraq ID: 65258
BugTraq ID: 67025
Common Vulnerability Exposure (CVE) ID: CVE-2014-1314
http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-1315
Common Vulnerability Exposure (CVE) ID: CVE-2014-1316
Common Vulnerability Exposure (CVE) ID: CVE-2014-1318
Common Vulnerability Exposure (CVE) ID: CVE-2014-1319
Common Vulnerability Exposure (CVE) ID: CVE-2014-1321
Common Vulnerability Exposure (CVE) ID: CVE-2014-1322
Common Vulnerability Exposure (CVE) ID: CVE-2014-1296
http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-1320
Common Vulnerability Exposure (CVE) ID: CVE-2013-6393
http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
http://www.securityfocus.com/bid/65258
Debian Security Information: DSA-2850 (Google Search)
http://www.debian.org/security/2014/dsa-2850
Debian Security Information: DSA-2870 (Google Search)
http://www.debian.org/security/2014/dsa-2870
http://www.mandriva.com/security/advisories?name=MDVSA-2015:060
https://bugzilla.redhat.com/attachment.cgi?id=847926&action=diff
http://osvdb.org/102716
RedHat Security Advisories: RHSA-2014:0353
http://rhn.redhat.com/errata/RHSA-2014-0353.html
RedHat Security Advisories: RHSA-2014:0354
http://rhn.redhat.com/errata/RHSA-2014-0354.html
RedHat Security Advisories: RHSA-2014:0355
http://rhn.redhat.com/errata/RHSA-2014-0355.html
SuSE Security Announcement: openSUSE-SU-2014:0272 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00064.html
SuSE Security Announcement: openSUSE-SU-2014:0273 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00065.html
SuSE Security Announcement: openSUSE-SU-2015:0319 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html
SuSE Security Announcement: openSUSE-SU-2016:1067 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html
http://www.ubuntu.com/usn/USN-2098-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4164
http://www.securityfocus.com/bid/63873
Debian Security Information: DSA-2809 (Google Search)
http://www.debian.org/security/2013/dsa-2809
Debian Security Information: DSA-2810 (Google Search)
http://www.debian.org/security/2013/dsa-2810
http://osvdb.org/100113
RedHat Security Advisories: RHSA-2013:1763
http://rhn.redhat.com/errata/RHSA-2013-1763.html
RedHat Security Advisories: RHSA-2013:1764
http://rhn.redhat.com/errata/RHSA-2013-1764.html
RedHat Security Advisories: RHSA-2013:1767
http://rhn.redhat.com/errata/RHSA-2013-1767.html
RedHat Security Advisories: RHSA-2014:0011
http://rhn.redhat.com/errata/RHSA-2014-0011.html
RedHat Security Advisories: RHSA-2014:0215
http://rhn.redhat.com/errata/RHSA-2014-0215.html
http://secunia.com/advisories/55787
http://secunia.com/advisories/57376
SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html
SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html
SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html
http://www.ubuntu.com/usn/USN-2035-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-1295
https://secure-resumption.com/
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.