Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:Mac OS X Local Security Checks
Titel:Apple Mac OS X Multiple Vulnerabilities-02 April-2017
Zusammenfassung:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exists due to,

- An input validation error exists in Help Viewer's handling of help: URLs.

- A buffer overflow exists in the handling of images.

- A double free issue exists in the renewal or validation of existing tickets
in the KDC process.

- A logic issue in the handling of KDC requests may cause an assertion to be

- A logic issue exists in the handling of vfork where the Mach exception
handler is not reset in a certain case.

- A format string issue exists in the handling of afp:, cifs:, and smb: URLs.

- A man-in-the-middle attack in Open Directory.

- A character encoding issue exists in Printer Setup's handling of nearby printers.

- An integer overflow issue exists in the calculation of page sizes in the
cgtexttops CUPS filter.

Vulnerability Impact:
Successful exploitation will allow attacker
to conduct cross-site scripting attack, access sensitive information, cause
an unexpected application termination or arbitrary code execution, upload
files to arbitrary locations on the filesystem of a user and cause privilege

Affected Software/OS:
Apple Mac OS X and Mac OS X Server
version 10.6 through 10.6.3

Upgrade to Apple Mac OS X version
10.6.4 or later.

CVSS Score:

CVSS Vector:

Querverweis: BugTraq ID: 40886
BugTraq ID: 39599
BugTraq ID: 38260
BugTraq ID: 40902
BugTraq ID: 40905
BugTraq ID: 40903
Common Vulnerability Exposure (CVE) ID: CVE-2010-1373
BugTraq ID: 40871
Common Vulnerability Exposure (CVE) ID: CVE-2010-1816
Common Vulnerability Exposure (CVE) ID: CVE-2010-1320
Bugtraq: 20100420 MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC (Google Search)
SuSE Security Announcement: SUSE-SR:2010:010 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2010-0283
Bugtraq: 20100216 MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2010-1821
Common Vulnerability Exposure (CVE) ID: CVE-2010-1376
Common Vulnerability Exposure (CVE) ID: CVE-2010-1377
Common Vulnerability Exposure (CVE) ID: CVE-2010-1379
Common Vulnerability Exposure (CVE) ID: CVE-2010-1380
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.