Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.813510
Kategorie:Mac OS X Local Security Checks
Titel:Apple MacOSX Security Updates(HT208849)-01
Zusammenfassung:This host is installed with Apple Mac OS X; and is prone to multiple vulnerabilities.
Beschreibung:Summary:
This host is installed with Apple Mac OS X
and is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exists due to,

- A logic issue in validation.

- A memory corruption issue in memory handling.

- An injection issue in input validation.

- A race condition in locking.

- A validation issue in input sanitization.

- A type confusion issue in memory handling.

- A buffer overflow issue in bounds checking.

- A device configuration issue in configuration.

- An out-of-bounds read issue leading to the disclosure of kernel memory.

- A sandbox issue in handling of microphone access.

- An issue in parsing entitlement plists.

- An issue in the handling of S-MIME certificaties.

- An authorization issue in state management.

- An issue in the handling of encrypted Mail.

- An input validation issue.

- A memory corruption vulnerability in improved locking.

- An information disclosure issue in Accessibility Framework.

- A validation issue existed in the handling of text.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to gain elevated privileges, execute arbitrary code, conduct
impersonation attacks, read restricted memory, modify the EFI flash memory
region, circumvent sandbox restrictions, read a persistent account identifier,
read kernel memory, view sensitive user information, exfiltrate the contents
of S/MIME- encrypted e-mail, spoof password prompts in iBooks and cause denial
of service.

Affected Software/OS:
Apple Mac OS X versions,
10.13.x through 10.13.4

Solution:
Upgrade to Apple Mac OS X 10.13.5 or later. Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-4237
https://www.exploit-db.com/exploits/45916/
http://www.securitytracker.com/id/1041027
Common Vulnerability Exposure (CVE) ID: CVE-2018-4236
Common Vulnerability Exposure (CVE) ID: CVE-2018-4235
Common Vulnerability Exposure (CVE) ID: CVE-2018-4234
Common Vulnerability Exposure (CVE) ID: CVE-2018-4230
https://www.exploit-db.com/exploits/44847/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1549
Common Vulnerability Exposure (CVE) ID: CVE-2018-4141
Common Vulnerability Exposure (CVE) ID: CVE-2018-4219
Common Vulnerability Exposure (CVE) ID: CVE-2018-4241
https://www.exploit-db.com/exploits/44849/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1558
Common Vulnerability Exposure (CVE) ID: CVE-2018-4243
https://www.exploit-db.com/exploits/44848/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1564
Common Vulnerability Exposure (CVE) ID: CVE-2018-4251
http://seclists.org/fulldisclosure/2019/Mar/45
Common Vulnerability Exposure (CVE) ID: CVE-2018-4253
Common Vulnerability Exposure (CVE) ID: CVE-2018-7584
BugTraq ID: 103204
http://www.securityfocus.com/bid/103204
Debian Security Information: DSA-4240 (Google Search)
https://www.debian.org/security/2018/dsa-4240
https://www.exploit-db.com/exploits/44846/
https://lists.debian.org/debian-lts-announce/2018/03/msg00030.html
https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html
RedHat Security Advisories: RHSA-2019:2519
https://access.redhat.com/errata/RHSA-2019:2519
http://www.securitytracker.com/id/1041607
https://usn.ubuntu.com/3600-1/
https://usn.ubuntu.com/3600-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-4184
Common Vulnerability Exposure (CVE) ID: CVE-2018-4228
Common Vulnerability Exposure (CVE) ID: CVE-2018-4229
Common Vulnerability Exposure (CVE) ID: CVE-2018-4221
BugTraq ID: 104897
http://www.securityfocus.com/bid/104897
Common Vulnerability Exposure (CVE) ID: CVE-2018-4223
Common Vulnerability Exposure (CVE) ID: CVE-2018-4224
BugTraq ID: 104378
http://www.securityfocus.com/bid/104378
Common Vulnerability Exposure (CVE) ID: CVE-2018-4226
BugTraq ID: 104888
http://www.securityfocus.com/bid/104888
Common Vulnerability Exposure (CVE) ID: CVE-2018-4227
https://efail.de/#cve
Common Vulnerability Exposure (CVE) ID: CVE-2018-4202
Common Vulnerability Exposure (CVE) ID: CVE-2018-4242
http://www.securitytracker.com/id/1042004
Common Vulnerability Exposure (CVE) ID: CVE-2018-4240
https://www.exploit-db.com/exploits/45391/
Common Vulnerability Exposure (CVE) ID: CVE-2018-4196
Common Vulnerability Exposure (CVE) ID: CVE-2018-4198
Common Vulnerability Exposure (CVE) ID: CVE-2018-4225
BugTraq ID: 104889
http://www.securityfocus.com/bid/104889
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.