
Test ID: 1.3.6.1.4.1.25623.1.0.810930
Category: Mac OS X Local Security Checks
Title: Apple Mac OS X Multiple Vulnerabilities-02 April-2017
Summary: This host is running Apple Mac OS X and is prone to multiple vulnerabilities.
Description:
Summary:
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An input validation error exists in Help Viewer's handling of help: URLs.

- A buffer overflow exists in the handling of images.

- A double free issue exists in the renewal or validation of existing tickets
in the KDC process.

- A logic issue in the handling of KDC requests may cause an assertion to be
triggered.

- A logic issue exists in the handling of vfork where the Mach exception
handler is not reset in a certain case.

- A format string issue exists in the handling of afp:, cifs:, and smb: URLs.

- A man-in-the-middle attack in Open Directory.

- A character encoding issue exists in Printer Setup's handling of nearby printers.

- An integer overflow issue exists in the calculation of page sizes in the
cgtexttops CUPS filter.

Vulnerability Impact:
Successful exploitation will allow an attacker
to conduct cross-site scripting attacks, access sensitive information, cause
unexpected application termination or arbitrary code execution, upload
files to arbitrary locations on a user's filesystem, and cause privilege
escalation.

Affected Software/OS:
Apple Mac OS X and Mac OS X Server
version 10.6 through 10.6.3

Solution:
Upgrade to Apple Mac OS X version
10.6.4 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-reference: BugTraq ID: 40886
BugTraq ID: 39599
BugTraq ID: 38260
BugTraq ID: 40902
BugTraq ID: 40905
BugTraq ID: 40903
Common Vulnerability Exposure (CVE) ID: CVE-2010-1373
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 40871
http://www.securityfocus.com/bid/40871
http://securitytracker.com/id?1024103
http://secunia.com/advisories/40220
http://www.vupen.com/english/advisories/2010/1481
Common Vulnerability Exposure (CVE) ID: CVE-2010-1816
https://support.apple.com/en-us/HT4188
Common Vulnerability Exposure (CVE) ID: CVE-2010-1320
http://www.securityfocus.com/bid/39599
Bugtraq: 20100420 MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC
http://www.securityfocus.com/archive/1/510843/100/0/threaded
http://securitytracker.com/id?1023904
http://secunia.com/advisories/39656
http://secunia.com/advisories/39784
SuSE Security Announcement: SUSE-SR:2010:010
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
http://www.ubuntu.com/usn/USN-940-1
http://www.vupen.com/english/advisories/2010/1001
http://www.vupen.com/english/advisories/2010/1192
Common Vulnerability Exposure (CVE) ID: CVE-2010-0283
http://www.securityfocus.com/bid/38260
Bugtraq: 20100216 MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service
http://www.securityfocus.com/archive/1/509553/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html
http://securitytracker.com/id?1023593
http://secunia.com/advisories/38598
http://secunia.com/advisories/39023
http://www.ubuntu.com/usn/USN-916-1
Common Vulnerability Exposure (CVE) ID: CVE-2010-1821
Common Vulnerability Exposure (CVE) ID: CVE-2010-1376
Common Vulnerability Exposure (CVE) ID: CVE-2010-1377
Common Vulnerability Exposure (CVE) ID: CVE-2010-1379
Common Vulnerability Exposure (CVE) ID: CVE-2010-1380
Copyright: Copyright (C) 2017 Greenbone Networks GmbH
