Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.810569
Category:Mac OS X Local Security Checks
Title:Apple Mac OS X Multiple Vulnerabilities-03 February-2017
Summary:Apple Mac OS X is prone to multiple vulnerabilities.
Description:Summary:
Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- Multiple null pointer dereference errors.

- A logging issue in the handling of passwords.

- An issue existed in the parsing of disk images.

- A logic issue in libxpc.

- An issue within the path validation logic for symlinks in libarchive.

- Multiple object lifetime issues existed when spawning new processes.

- Multiple input validation issues existed in MIG generated code.

- An impersonation issue existed in the handling of call switching
in the IDS - Connectivity.

- A buffer overflow existed in the handling of font files.

- An out-of-bounds read error in FontParser.

- An user interface inconsistencies existed in the handling of relayed calls
in FaceTime.

- A phishing issue existed in the handling of proxy credentials.

- Multiple memory corruption errors.

Vulnerability Impact:
Successful exploitation will allow attacker
to execute arbitrary code or cause a denial of service, elevate privileges,
gain access to potentially sensitive information and overwrite arbitrary files.

Affected Software/OS:
Apple Mac OS X versions 10.10.x through
10.10.5 prior to build 14F2009, 10.11.x prior to build 15G1108 and 10.12.x prior
to 10.12.1

Solution:
Upgrade to Apple Mac OS X version 10.12.1
or later or apply appropriate patch. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-7584
BugTraq ID: 94571
http://www.securityfocus.com/bid/94571
Common Vulnerability Exposure (CVE) ID: CVE-2016-4678
BugTraq ID: 93852
http://www.securityfocus.com/bid/93852
http://www.securitytracker.com/id/1037086
Common Vulnerability Exposure (CVE) ID: CVE-2016-4667
Common Vulnerability Exposure (CVE) ID: CVE-2016-4674
Common Vulnerability Exposure (CVE) ID: CVE-2016-7579
BugTraq ID: 93856
http://www.securityfocus.com/bid/93856
Common Vulnerability Exposure (CVE) ID: CVE-2016-4673
BugTraq ID: 93849
http://www.securityfocus.com/bid/93849
Common Vulnerability Exposure (CVE) ID: CVE-2016-7577
BugTraq ID: 94429
http://www.securityfocus.com/bid/94429
Common Vulnerability Exposure (CVE) ID: CVE-2016-4660
Common Vulnerability Exposure (CVE) ID: CVE-2016-4688
BugTraq ID: 94572
http://www.securityfocus.com/bid/94572
http://www.securitytracker.com/id/1037469
Common Vulnerability Exposure (CVE) ID: CVE-2016-4721
Common Vulnerability Exposure (CVE) ID: CVE-2016-4669
https://www.exploit-db.com/exploits/40654/
http://packetstormsecurity.com/files/158874/Safari-Webkit-For-iOS-7.1.2-JIT-Optimization-Bug.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7613
BugTraq ID: 94116
http://www.securityfocus.com/bid/94116
Common Vulnerability Exposure (CVE) ID: CVE-2016-4679
Common Vulnerability Exposure (CVE) ID: CVE-2016-4675
Common Vulnerability Exposure (CVE) ID: CVE-2016-4661
Common Vulnerability Exposure (CVE) ID: CVE-2016-4670
BugTraq ID: 94433
http://www.securityfocus.com/bid/94433
Common Vulnerability Exposure (CVE) ID: CVE-2016-4780
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.