Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.805484
Kategorie:Mac OS X Local Security Checks
Titel:Apple Mac OS X Multiple Vulnerabilities -02 Mar15
Zusammenfassung:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
Beschreibung:Summary:
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to,

- The flaw in Spotlight that is triggered as the status of Mails
'load remote content in messages' setting is not properly checked

- The flaw in the Bluetooth driver that is triggered can allow a specially
crafted application to control the size of a write to kernel memory.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to determine the IP address of the recipient of an email, a local
attacker to gain elevated privileges.

Affected Software/OS:
Apple Mac OS X version 10.10.x through
10.10.1

Solution:
Upgrade to Apple Mac OS X version 10.10.2

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 72328
Common Vulnerability Exposure (CVE) ID: CVE-2014-8839
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
http://heise.de/newsticker/meldung/Datenschutzpanne-in-Mac-OS-X-Yosemite-2514198.html
http://www.theregister.co.uk/2015/01/10/spotlight_caught_spreading_your_delicates/
http://securitytracker.com/id/1031521
XForce ISS Database: macosx-cve20148839-sec-bypass(100527)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100527
Common Vulnerability Exposure (CVE) ID: CVE-2014-8836
http://code.google.com/p/google-security-research/issues/detail?id=136
http://www.securitytracker.com/id/1031626
XForce ISS Database: macosx-cve20148836-priv-esc(100490)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100490
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.