Multiple vulnerabilities have been discovered in Apple Mac OS X, where some of the specified issues can be exploited to gain knowledge of sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
1) An unspecified vulnerability exists in the CoreFoundation notification logging.
2) An unspecified vulnerability exists in the DiskArbitration when handling initialisation of writeable removable media.
3) An unspecified vulnerability in exists in IPSec while checking key exchanges.
4) An assert error in QuickTime Streaming Server can be exploited by malicious people to cause a DoS. See the following advisory for more information: SA10956
5) An unspecified vulnerability exists in Safari when displaying URLs in the status bar.
6) Multiple vulnerabilities in tcpdump can potentially be exploited by malicious people to cause a DoS or compromise a vulnerable system. See the following advisory for more information: SA10636
7) A format string error in the "option_error()" function in pppd when handling command line arguments can be exploited by malicious, local users to read arbitrary memory accessible by the process. This may potentially expose PAP/CHAP authentication credentials if a system runs as a PPP server.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Mac OS X Security Update Fixes Multiple Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.