Apple OS X and OS X Server Multiple Vulnerabilities
Last Update Date: 24 Oct 2013 10:06
Release Date: 24 Oct 2013
RISK: High Risk
TYPE: Operating Systems - Mac OS
Multiple vulnerabilities have been identified in Apple OS X and OS X Server, which can be exploited by a remote attacker to conduct cross-site scripting, denial of service, elevation of privilege, remote code execution and sensitive information disclosure.
The following OS X components were found to be vulnerable:
- Application Firewall
- App Sandbox
- Bluetooth
- CFNetwork
- CFNetwork SSL
- Console
- CoreGraphics
- curl
- dyld
- IOKitUser
- IOSerialFamily
- Kernel
- Kext Management
- LaunchServices
- Libc
- Mail Accounts
- Mail Header Display
- Mail Networking
- OpenLDAP
- perl
- Power Management
- python
- ruby
- Security
- Security - Authorization
- Security - Smart Card Services
- Screen Lock
- Screen Sharing Server
- syslog
- USB
The following OS X Server components were found to be vulnerable:
- Profile Manager
- FreeRADIUS
- Server App
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- OS X
- OS X Server
Solutions
Before installation of the software, please visit the software manufacturer's website for more details.
- Upgrade to OS X Mavericks v10.9
- Upgrade to OS X Server 3.0
Vulnerability Identifier
- CVE-2013-5192
- CVE-2013-5191
- CVE-2013-5190
- CVE-2013-5189
- CVE-2013-5188
- CVE-2013-5187
- CVE-2013-5186
- CVE-2013-5185
- CVE-2013-5184
- CVE-2013-5183
- CVE-2013-5182
- CVE-2013-5181
- CVE-2013-5180
- CVE-2013-5179
- CVE-2013-5178
- CVE-2013-5177
- CVE-2013-5176
- CVE-2013-5175
- CVE-2013-5174
- CVE-2013-5173
- CVE-2013-5172
- CVE-2013-5171
- CVE-2013-5170
- CVE-2013-5169
- CVE-2013-5168
- CVE-2013-5167
- CVE-2013-5166
- CVE-2013-5165
- CVE-2013-5145
- CVE-2013-5142
- CVE-2013-5141
- CVE-2013-5139
- CVE-2013-5138
- CVE-2013-5135
- CVE-2013-4073
- CVE-2013-3954
- CVE-2013-3950
- CVE-2013-1944
- CVE-2013-1667
- CVE-2013-0249
- CVE-2012-1150
- CVE-2012-0876
- CVE-2012-0845
- CVE-2011-4944
- CVE-2011-3427
- CVE-2011-3389
- CVE-2011-2391
- CVE-2013-5143
- CVE-2013-1857
- CVE-2013-1856
- CVE-2013-1855
- CVE-2013-1854
- CVE-2013-0269
- CVE-2012-3547