Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.814422
Category:Mac OS X Local Security Checks
Title:Apple MacOSX Security Updates(HT209193)-02
Summary:Apple Mac OS X is prone to multiple vulnerabilities.
Description:Summary:
Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- Multiple memory corruption issues related to improper memory handling.

- An out-of-bounds read issue related to improper input validation.

- A validation issue was addressed with improper logic.

- A logic issue was addressed with improper validation.

- Systems with microprocessors utilizing speculative execution and that perform
speculative reads of system registers may allow unauthorized disclosure of
system parameters.

- An issue existed in the method for determining prime numbers.

Vulnerability Impact:
Successful exploitation allows attackers to
execute arbitrary code, gain elevated privileges, disclose sensitive
information and cause denial of service condition.

Affected Software/OS:
Apple Mac OS X version 10.14.x prior to
10.14.1, 10.12.x through 10.12.6 before build 16G1618 and 10.13.x through
10.13.6 before build 17G3025

Solution:
Apply the appropriate security patch. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-4340
https://support.apple.com/kb/HT209106
https://support.apple.com/kb/HT209107
https://support.apple.com/kb/HT209108
https://support.apple.com/kb/HT209139
https://support.apple.com/kb/HT209193
Common Vulnerability Exposure (CVE) ID: CVE-2018-4419
https://support.apple.com/kb/HT209192
https://support.apple.com/kb/HT209194
https://support.apple.com/kb/HT209195
Common Vulnerability Exposure (CVE) ID: CVE-2018-4425
Common Vulnerability Exposure (CVE) ID: CVE-2018-4371
Common Vulnerability Exposure (CVE) ID: CVE-2018-4400
Common Vulnerability Exposure (CVE) ID: CVE-2018-4402
Common Vulnerability Exposure (CVE) ID: CVE-2018-4422
Common Vulnerability Exposure (CVE) ID: CVE-2018-4423
Common Vulnerability Exposure (CVE) ID: CVE-2018-4420
Common Vulnerability Exposure (CVE) ID: CVE-2018-3640
BugTraq ID: 104228
http://www.securityfocus.com/bid/104228
Cert/CC Advisory: TA18-141A
https://www.us-cert.gov/ncas/alerts/TA18-141A
CERT/CC vulnerability note: VU#180049
https://www.kb.cert.org/vuls/id/180049
Cisco Security Advisory: 20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
Debian Security Information: DSA-4273 (Google Search)
https://www.debian.org/security/2018/dsa-4273
https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
http://www.securitytracker.com/id/1040949
http://www.securitytracker.com/id/1042004
https://usn.ubuntu.com/3756-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-4368
Common Vulnerability Exposure (CVE) ID: CVE-2018-4413
Common Vulnerability Exposure (CVE) ID: CVE-2018-4410
Common Vulnerability Exposure (CVE) ID: CVE-2018-4415
Common Vulnerability Exposure (CVE) ID: CVE-2018-4398
https://support.apple.com/kb/HT209197
https://support.apple.com/kb/HT209198
Common Vulnerability Exposure (CVE) ID: CVE-2018-4394
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.