
Test ID:
Category: Mac OS X Local Security Checks
Title: Apple Mac OS X Multiple Vulnerabilities-02 April-2017
Summary: Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An input validation error exists in Help Viewer's handling of help: URLs.

- A buffer overflow exists in the handling of images.

- A double free issue exists in the renewal or validation of existing tickets
in the KDC process.

- A logic issue in the handling of KDC requests may cause an assertion to be

- A logic issue exists in the handling of vfork where the Mach exception
handler is not reset in a certain case.

- A format string issue exists in the handling of afp:, cifs:, and smb: URLs.

- A man-in-the-middle attack in Open Directory.

- A character encoding issue exists in Printer Setup's handling of nearby printers.

- An integer overflow issue exists in the calculation of page sizes in the
cgtexttops CUPS filter.

Vulnerability Impact:
Successful exploitation will allow an attacker
to conduct cross-site scripting attacks, access sensitive information, cause
an unexpected application termination or arbitrary code execution, upload
files to arbitrary locations on the filesystem of a user and cause privilege

Affected Software/OS:
Apple Mac OS X and Mac OS X Server
version 10.6 through 10.6.3

Upgrade to Apple Mac OS X version
10.6.4 or later.

CVSS Score:

CVSS Vector:

Cross-Ref: BugTraq ID: 40886
BugTraq ID: 39599
BugTraq ID: 38260
BugTraq ID: 40902
BugTraq ID: 40905
BugTraq ID: 40903
Common Vulnerability Exposure (CVE) ID: CVE-2010-1373
BugTraq ID: 40871
Common Vulnerability Exposure (CVE) ID: CVE-2010-1816
Common Vulnerability Exposure (CVE) ID: CVE-2010-1320
Bugtraq: 20100420 MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC
SuSE Security Announcement: SUSE-SR:2010:010
Common Vulnerability Exposure (CVE) ID: CVE-2010-0283
Bugtraq: 20100216 MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service
Common Vulnerability Exposure (CVE) ID: CVE-2010-1821
Common Vulnerability Exposure (CVE) ID: CVE-2010-1376
Common Vulnerability Exposure (CVE) ID: CVE-2010-1377
Common Vulnerability Exposure (CVE) ID: CVE-2010-1379
Common Vulnerability Exposure (CVE) ID: CVE-2010-1380
Copyright: Copyright (C) 2017 Greenbone Networks GmbH


© 1998-2021 E-Soft Inc. All rights reserved.