Test ID:	1.3.6.1.4.1.25623.1.0.810222
Category:	Mac OS X Local Security Checks
Title:	Apple Mac OS X Multiple Vulnerabilities-03 (Nov 2016)
Summary:	Apple Mac OS X is prone to multiple vulnerabilities.
Description:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The windowServer does not prevent session creation by a sandboxed application. - A buffer underflow error in CoreGraphics. - The CFNetwork does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value. - The Intel Graphics Driver does not properly validate a certain pointer. - A heap-based buffer overflow error in Ruby. - The Secure Transport does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code or cause a denial of service (memory corruption), to gain sensitive information and to bypass certain protection mechanism and have other impacts. Affected Software/OS: Apple Mac OS X versions 10.8.x through 10.8.5 Solution: Updates are available. Please see the references or vendor advisory for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1314 http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html Common Vulnerability Exposure (CVE) ID: CVE-2013-5170 http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2014-1296 http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html Common Vulnerability Exposure (CVE) ID: CVE-2014-1318 Common Vulnerability Exposure (CVE) ID: CVE-2013-4164 http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html BugTraq ID: 63873 http://www.securityfocus.com/bid/63873 Debian Security Information: DSA-2809 (Google Search) http://www.debian.org/security/2013/dsa-2809 Debian Security Information: DSA-2810 (Google Search) http://www.debian.org/security/2013/dsa-2810 http://osvdb.org/100113 RedHat Security Advisories: RHSA-2013:1763 http://rhn.redhat.com/errata/RHSA-2013-1763.html RedHat Security Advisories: RHSA-2013:1764 http://rhn.redhat.com/errata/RHSA-2013-1764.html RedHat Security Advisories: RHSA-2013:1767 http://rhn.redhat.com/errata/RHSA-2013-1767.html RedHat Security Advisories: RHSA-2014:0011 http://rhn.redhat.com/errata/RHSA-2014-0011.html RedHat Security Advisories: RHSA-2014:0215 http://rhn.redhat.com/errata/RHSA-2014-0215.html http://secunia.com/advisories/55787 http://secunia.com/advisories/57376 SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html http://www.ubuntu.com/usn/USN-2035-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-1295 https://secure-resumption.com/
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.