Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.812408
Category:Mac OS X Local Security Checks
Title:Apple MacOSX Security Updates(HT208331)-04
Summary:Apple Mac OS X is prone to multiple vulnerabilities.
Description:Summary:
Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
The Security update resolves,

- A memory corruption issue was addressed with improved memory handling.

- An out-of-bounds read was addressed through improved bounds checking.

- A logic error existed in the validation of credentials.

- An inconsistent user interface issue was addressed with improved state management.

- An input validation issue existed in the kernel.

- An out-of-bounds read issue existed that led to the disclosure of kernel memory.

- A validation issue was addressed with improved input sanitization.

- An encryption issue existed with S/MIME credentials.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to execute arbitrary code with kernel and system privileges. Also
attacker may be able to bypass administrator authentication without supplying
the administrator's password.

Affected Software/OS:
Apple Mac OS X version 10.13.1

Solution:
Upgrade to Apple Mac OS X 10.13.2 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-13876
Common Vulnerability Exposure (CVE) ID: CVE-2017-13875
Common Vulnerability Exposure (CVE) ID: CVE-2017-13871
Common Vulnerability Exposure (CVE) ID: CVE-2017-13860
Common Vulnerability Exposure (CVE) ID: CVE-2017-13883
Common Vulnerability Exposure (CVE) ID: CVE-2017-13848
Common Vulnerability Exposure (CVE) ID: CVE-2017-13858
Common Vulnerability Exposure (CVE) ID: CVE-2017-13878
Common Vulnerability Exposure (CVE) ID: CVE-2017-13865
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.