Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:Mac OS X Local Security Checks
Titel:Apple Mac OS X Multiple Vulnerabilities - 02 Jan14
Zusammenfassung:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to,

- Permanent cookies were saved after quitting Safari, even when Private
Browsing was enabled.

- An unbounded stack allocation issue existed in the handling of text glyphs.

- A privilege escalation issue existed in the handling of CUPS configuration
via the CUPS web interface.

- A local user who is not an administrator may disable FileVault using the

- A buffer overflow existed in the handling of MP3 files.

- A buffer overflow existed in the handling of FPX files.

- A memory corruption issue existed in the handling of QTIF files.

- A buffer overflow existed in the handling of 'enof' atoms.

- Multiple errors in OpenSSL.

- There were known attacks on the confidentiality of TLS 1.0 when compression
was enabled.

- An uninitialized memory access issue existed in the handling of text tracks.

- A buffer overflow existed in the handling of PICT images.

- If SMB file sharing is enabled, an authenticated user may be able to write
files outside the shared directory.

Vulnerability Impact:
Successful exploitation will allow
attackers to, execute arbitrary code or cause a denial of service or
lead to an unexpected application termination.

Affected Software/OS:
Apple Mac OS X version 10.8 to 10.8.3,
10.7 to 10.7.5 and 10.6.8

Upgrade to Apple Mac OS X version 10.8.4
or later or apply appropriate security update for 10.7 and 10.6 versions. Please see the references for more information.

CVSS Score:

CVSS Vector:

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-0982
Common Vulnerability Exposure (CVE) ID: CVE-2013-0983
Common Vulnerability Exposure (CVE) ID: CVE-2012-5519
BugTraq ID: 56494
RedHat Security Advisories: RHSA-2013:0580
SuSE Security Announcement: SUSE-SU-2015:1041 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1044 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1056 (Google Search)
XForce ISS Database: cups-systemgroup-priv-esc(80012)
Common Vulnerability Exposure (CVE) ID: CVE-2013-0985
Common Vulnerability Exposure (CVE) ID: CVE-2013-0989
Common Vulnerability Exposure (CVE) ID: CVE-2012-4929
BugTraq ID: 55704
Debian Security Information: DSA-2579 (Google Search)
Debian Security Information: DSA-2627 (Google Search)
Debian Security Information: DSA-3253 (Google Search)
HPdes Security Advisory: HPSBUX02866
HPdes Security Advisory: SSRT101139
RedHat Security Advisories: RHSA-2013:0587
SuSE Security Announcement: openSUSE-SU-2012:1420 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0143 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0157 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2011-1945
CERT/CC vulnerability note: VU#536044
Debian Security Information: DSA-2309 (Google Search)
SuSE Security Announcement: SUSE-SU-2011:0636 (Google Search)
SuSE Security Announcement: openSUSE-SU-2011:0634 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2011-3207
HPdes Security Advisory: HPSBMU02752
HPdes Security Advisory: SSRT100802
Common Vulnerability Exposure (CVE) ID: CVE-2011-3210
HPdes Security Advisory: HPSBUX02734
HPdes Security Advisory: SSRT100729
Common Vulnerability Exposure (CVE) ID: CVE-2011-4108
CERT/CC vulnerability note: VU#737740
Debian Security Information: DSA-2390 (Google Search)
HPdes Security Advisory: HPSBMU02776
HPdes Security Advisory: HPSBMU02786
HPdes Security Advisory: HPSBOV02793
HPdes Security Advisory: SSRT100852
HPdes Security Advisory: SSRT100877
HPdes Security Advisory: SSRT100891
RedHat Security Advisories: RHSA-2012:1306
RedHat Security Advisories: RHSA-2012:1307
RedHat Security Advisories: RHSA-2012:1308
SuSE Security Announcement: SUSE-SU-2012:0084 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:0083 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2011-4109
XForce ISS Database: openssl-policy-checks-dos(72129)
Common Vulnerability Exposure (CVE) ID: CVE-2011-4576
Common Vulnerability Exposure (CVE) ID: CVE-2011-4577
Common Vulnerability Exposure (CVE) ID: CVE-2011-4619
HPdes Security Advisory: HPSBUX02782
HPdes Security Advisory: SSRT100844
Common Vulnerability Exposure (CVE) ID: CVE-2012-0050
BugTraq ID: 51563
Debian Security Information: DSA-2392 (Google Search)
HPdes Security Advisory: HPSBUX02737
HPdes Security Advisory: SSRT100747
Common Vulnerability Exposure (CVE) ID: CVE-2012-2110
BugTraq ID: 53158
Debian Security Information: DSA-2454 (Google Search)
HPdes Security Advisory: HPSBMU02900
HPdes Security Advisory: SSRT101210
RedHat Security Advisories: RHSA-2012:0518
RedHat Security Advisories: RHSA-2012:0522
SuSE Security Announcement: SUSE-SU-2012:0623 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0637 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:1149 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2012-2131
BugTraq ID: 53212
XForce ISS Database: openssl-asn1-code-execution(75099)
Common Vulnerability Exposure (CVE) ID: CVE-2012-2333
BugTraq ID: 53476
Debian Security Information: DSA-2475 (Google Search)
HPdes Security Advisory: HPSBOV02852
HPdes Security Advisory: HPSBUX02814
HPdes Security Advisory: SSRT100930
HPdes Security Advisory: SSRT101108
RedHat Security Advisories: RHSA-2012:0699
SuSE Security Announcement: SUSE-SU-2012:0678 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0679 (Google Search)
XForce ISS Database: openssl-tls-record-dos(75525)
Common Vulnerability Exposure (CVE) ID: CVE-2013-0986
Common Vulnerability Exposure (CVE) ID: CVE-2013-0987
Common Vulnerability Exposure (CVE) ID: CVE-2013-0988
Common Vulnerability Exposure (CVE) ID: CVE-2013-0990
Common Vulnerability Exposure (CVE) ID: CVE-2013-0975
Common Vulnerability Exposure (CVE) ID: CVE-2013-1024
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.