Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.802146
Kategorie:Mac OS X Local Security Checks
Titel:Apple Mac OS X iWork 9.1 Update
Zusammenfassung:This host is missing an important security update according to; Mac OS X iWork 9.1 Update.
Beschreibung:Summary:
This host is missing an important security update according to
Mac OS X iWork 9.1 Update.

Vulnerability Insight:
The flaws are due to

- a buffer overflow error, while handling the 'Excel' files.

- a memory corruption issue, while handling the 'Excel' files and Microsoft
Word documents.

Vulnerability Impact:
Successful exploitation could allow attackers to opening a maliciously
crafted files, which leads to an unexpected application termination or arbitrary code execution.

Affected Software/OS:
Mac OS X iWork version 9.0 through 9.0.5.

Solution:
Apply the update from the referenced link.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 44812
BugTraq ID: 44799
BugTraq ID: 46832
Common Vulnerability Exposure (CVE) ID: CVE-2010-3785
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html
http://www.securitytracker.com/id?1024723
Common Vulnerability Exposure (CVE) ID: CVE-2010-3786
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881
http://secunia.com/advisories/42314
http://www.vupen.com/english/advisories/2010/3046
Common Vulnerability Exposure (CVE) ID: CVE-2011-1417
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html
http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00005.html
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
http://www.zdnet.com/blog/security/charlie-miller-wins-pwn2own-again-with-iphone-4-exploit/8378
http://www.zerodayinitiative.com/advisories/ZDI-11-109/
http://secunia.com/advisories/44154
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.