Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

1) The security issue is caused due to the debug switch being enabled within FileVault when using "Legacy FileVault". This may lead to users' password being saved in DEBUGLOG in plain text and can be exploited to read the password via FireWire target disk mode.

Successful exploitation requires that OS X is upgraded from an older version and uses the "Legacy FileVault" feature.

2) A race condition within blued's initialization routine can be exploited by a local user to gain escalated privileges.

3) Some vulnerabilities exist in ImageIO, HFS, curl, Kernel, libarchive, libxml, PHP, Ruby, Samba, and X11.

For more information:
SA43420
SA43434
SA43593
SA44711
SA45046
SA45325
SA45544
SA46107
SA46148
SA46168
SA46417
SA46632
SA47049
SA47404
SA47405
SA47690
SA47806
SA48152
SA48288
SA48742

4) Errors within the directory server when handling network messages can be exploited to disclose certain memory and e.g. gain account credentials.

NOTE: This vulnerability only affects Mac OS X 10.6.

5) An error within the libsecurity component when handling X.509 certificates can be exploited to reference uninitialized memory and execute arbitrary code.

6) A race condition when handling Guest user login can be exploited to log in to other accounts without a password.

7) An error within the Quartz Composer when handling screen savers can be exploited to launch Safari.

Successful exploitation of this vulnerability requires that the RSS Visualizer screen saver is used.

8) An error within QuickTime when handling audio sample tables during progressive download can be exploited to cause a buffer overflow via a specially crafted movie file.

9) An integer underflow error within QuickTime when calculating padding for MPEG samples can be exploited to cause a heap-based buffer overflow.

10) An integer underflow error within QuickTime when handling MPEG files can be exploited to corrupt memory.

11) A use-after-free error within QuickTime when processing the stsz atom in JPEG2000 encoded movie files can be exploited to execute arbitrary code.

12) An integer truncation error within libsecurity_cdsa_plugin when allocating memory can be exploited to cause a heap-based buffer overflow.

13) An error within Time Machine does not verify credentials when using SRP-based authentication for subsequent backup operations, which can be exploited gain access to Time Capsule credentials.

Solution
Update to OS X Lion v10.7.4 or apply Security Update 2012-002.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) tarwinator in a forum post.
6) Reported by the vendor
9) An anonymous person via ZDI
10) Justin Kim, Microsoft
11) Damian Put via ZDI
12) aazubel via ZDI

The vendor credits:
2, 7) Aaron Sigel, vtty.com
4) Agustin Azubel
5) Dirk-Willem van Gulik of WebWeaving.org, Guilherme Prado of Conselho da Justica Federal, and Ryan Sleevi of Google
6) Francisco Gomez (espectalll123)
8) Luigi Auriemma via ZDI
13) Renaud Deraison, Tenable Network Security

Changelog
Further details available to Secunia VIM customers

Original Advisory
Apple:
http://support.apple.com/kb/HT5281

Microsoft:
http://technet.microsoft.com/en-us/security/msvr/msvr12-007

tarwinator:
https://discussions.apple.com/thread/3715366

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-12-076/
http://www.zerodayinitiative.com/advisories/ZDI-12-135/
http://www.zerodayinitiative.com/advisories/ZDI-12-137/

Other references
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers