Apple Mac OS X Multiple Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to cause a denial of service, disclose sensitive information, bypass security restrictions or compromise an affected system. These issues are caused by implementation, data validation, and buffer overflow errors in AFP Server, Apache, AppKit, Apple Pixlet Video, ATS, CFNetwork, CoreFoundation, CoreGraphics, CoreTypes, CUPS, Flash Player Plug-in, Help Viewer, International Components for Unicode, Image Capture, ImageIO, Kernel, LoginWindow, Mail, ruby, Single Sign-On, and Wiki Server, which could be exploited by attackers to bypass security checks, gain knowledge of sensitive information, cause a denial of service or execute arbitrary commands or scripting code.
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Mac OS X version 10.4.11
- Mac OS X Server version 10.4.11
- Mac OS X versions 10.5 through 10.5.2
- Mac OS X Server versions 10.5 through 10.5.2
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- Apple Security Update 2008-003 (Intel): http://www.apple.com/support/downloads/securityupdate2008003intel.html
- Apple Security Update 2008-003 Server (Universal): http://www.apple.com/support/downloads/securityupdate2008003serveruniversal.html
- Apple Security Update 2008-003 Server (PPC): http://www.apple.com/support/downloads/securityupdate2008003serverppc.html
- Apple Security Update 2008-003 (PPC): http://www.apple.com/support/downloads/securityupdate2008003ppc.html
Vulnerability Identifier
- CVE-2005-3352
- CVE-2005-3357
- CVE-2007-0071
- CVE-2007-1863
- CVE-2007-3847
- CVE-2007-4465
- CVE-2007-5000
- CVE-2007-5266
- CVE-2007-5268
- CVE-2007-5269
- CVE-2007-5275
- CVE-2007-6019
- CVE-2007-6243
- CVE-2007-6388
- CVE-2007-6612
- CVE-2007-6637
- CVE-2008-1027
- CVE-2008-1028
- CVE-2008-1030
- CVE-2008-1031
- CVE-2008-1032
- CVE-2008-1033
- CVE-2008-1034
- CVE-2008-1036
- CVE-2008-1571
- CVE-2008-1572
- CVE-2008-1573
- CVE-2008-1574
- CVE-2008-1575
- CVE-2008-1576
- CVE-2008-1577
- CVE-2008-1578
- CVE-2008-1579
- CVE-2008-1580
- CVE-2008-1654
- CVE-2008-1655