Apple OS X and OS X Server Multiple Vulnerabilities

Last Update Date: 24 Oct 2013 10:06 Release Date: 24 Oct 2013 3304 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Mac OS

TYPE: Mac OS

Multiple vulnerabilities have been identified in Apple OS X and OS X Server, which can be exploited by remote attacker to conduct cross site scripting, denial of serverice, elevation of privilege, remote code execution and sensitive information disclosure

 

The following OS X components are found vulnerable:

  • Application Firewall
  • App Sandbox
  • Bluetooth
  • CFNetwork
  • CFNetwork SSL
  • Console
  • CoreGraphics
  • curl
  • dyld
  • IOKitUser
  • IOSerialFamily
  • Kernel
  • Kext Management
  • LaunchServices
  • Libc
  • Mail Accounts
  • Mail Header Display
  • Mail Networking
  • OpenLDAP
  • perl
  • Power Management
  • python
  • ruby
  • Security
  • Security - Authorization
  • Security - Smart Card Services
  • Screen Lock
  • Screen Sharing Server
  • syslog
  • USB

The following OS X Server components are found vulnerable:

  • Profile Manager
  • FreeRADIUS
  • Server App

Impact

  • Cross-Site Scripting
  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • OS X
  • OS X Server

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to OS X Mavericks v10.9
  • Upgrade to OS X Server 3.0

Vulnerability Identifier

Source

Related Link

Share with

Previous

Node.js HTTP Server Deny Service Vulnerability

22 Oct 2013 3239 Views

Next

Apple iOS Passcode Lock Security Bypass Multiple Vulnerabilities

24 Oct 2013 3254 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY