Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Mac OS X Local Security Checks
Title:Apple Mac OS X Multiple Vulnerabilities-03 November-2016
Summary:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- The windowServer does not prevent session creation by a sandboxed

- A buffer underflow error in CoreGraphics.

- The CFNetwork does not ensure that a Set-Cookie HTTP header is complete
before interpreting the header's value.

- The Intel Graphics Driver does not properly validate a certain pointer.

- A heap-based buffer overflow error in Ruby.

- The Secure Transport does not ensure that a server's X.509 certificate is
the same during renegotiation as it was before renegotiation.

Vulnerability Impact:
Successful exploitation will allow attacker
to execute arbitrary code or cause a denial of service (memory corruption), to
gain sensitive information and to bypass certain protection mechanism and
have other impacts.

Affected Software/OS:
Apple Mac OS X versions 10.8.x through

Updates are available. Please see the references or vendor advisory for more information.

CVSS Score:

CVSS Vector:

Cross-Ref: BugTraq ID: 63873
BugTraq ID: 63330
BugTraq ID: 67024
BugTraq ID: 67029
BugTraq ID: 67025
Common Vulnerability Exposure (CVE) ID: CVE-2014-1314
Common Vulnerability Exposure (CVE) ID: CVE-2013-5170
Common Vulnerability Exposure (CVE) ID: CVE-2014-1296
Common Vulnerability Exposure (CVE) ID: CVE-2014-1318
Common Vulnerability Exposure (CVE) ID: CVE-2013-4164
Debian Security Information: DSA-2809 (Google Search)
Debian Security Information: DSA-2810 (Google Search)
RedHat Security Advisories: RHSA-2013:1763
RedHat Security Advisories: RHSA-2013:1764
RedHat Security Advisories: RHSA-2013:1767
RedHat Security Advisories: RHSA-2014:0011
RedHat Security Advisories: RHSA-2014:0215
SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-1295
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.