Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
1) A boundary error in the AFP Client component can be exploited to corrupt memory and potentially execute arbitrary code when a user accesses a specially crafted AFP server.
2) A weakness in the Adaptive Firewall component can lead to brute force or dictionary attacks not being detected.
3) Some vulnerabilities in Apache can be exploited by malicious, local users to bypass certain security restrictions, and by malicious users and malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
4) A weakness in Apache can be exploited to conduct cross-site scripting attacks via the HTTP TRACE method.
5) Some vulnerabilities in Apache Portable Runtime can be exploited by malicious users and malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise an application using the library.
6) Multiple boundary errors exist in Apple Type Services when handling embedded fonts. These can be exploited to cause buffer overflows and execute arbitrary code when a document containing a specially crafted embedded font is being viewed or downloaded.
7) A weakness in the Certificate Assistant component can mislead a user into accepting a specially crafted certificate, containing NUL characters in the Common Name field, as it visually appears to match the domain visited by the user.
8) Multiple integer overflow errors exist in the CoreGraphics component, which can be exploited to cause heap-based buffer overflows and execute arbitrary code when a specially crafted PDF file is opened.
9) Multiple errors in CoreMedia and QuickTime can be exploited by malicious people to compromise a vulnerable system.
15) An input validation error exists in the Event Monitor component. This can be exploited to inject certain data to log files by passing specially crafted authentication information to the SSH server.
NOTE: This can potentially lead to a DoS (Denial of Service) in services that process the affected log files.
16) A vulnerability in fetchmail can be exploited by malicious people to conduct spoofing attacks.
35) Multiple unspecified errors in the Screen Sharing client can be exploited to cause a memory corruption and execute arbitrary code when a specially crafted VNC server is being accessed, e.g. by opening a "vnc://" URL.
36) An insecure file operation in the Spotlight component can be exploited to overwrite files with privileges of another user.
37) Multiple vulnerabilities in Subversion can be exploited by malicious users and malicious people to compromise a vulnerable system.
Provided and/or discovered by: 9) The vendor credits:
* Tom Ferris of the Adobe Secure Software Engineering Team.
* An anonymous researcher working with the ZDI.
* Alex Selivanov
* Damian Put working with the ZDI.
21) The vendor credits Nikita Zhuk and Petteri Kamppuri of MK&C.
22) The vendor credits K. Chen of Georgia Institute of Technology.
25) The vendor credits Regis Duchesne of VMware, Inc.
26) The vendor credits Rauli Kaksonen and Jukka Taimisto from the CROSS project at Codenomicon Ltd.
32) The vendor credits Nicolas Joly of VUPEN Vulnerability Research Team.
Original Advisory: Apple:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.