|
|
Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
|
Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system. These issues are caused by errors in CoreAudio, CUPS, Flash Player plug-in, ImageIO, Image RAW, and OpenSSL. For additional information, see : VUPEN/ADV-2009-1637 - VUPEN/ADV-2009-3164 - VUPEN/ADV-2009-3278 - VUPEN/ADV-2009-3456
Apple Mac OS X version 10.6.2 and prior
Apple Mac OS X version 10.5.8 and prior
Apple Mac OS X Server version 10.6.2 and prior
Apple Mac OS X Server version 10.5.8 and prior
Apply Security Update 2010-001 Client (Leopard) :
http://support.apple.com/kb/DL993
Apply Security Update 2010-001 Server (Leopard) :
http://support.apple.com/kb/DL992
Apply Security Update 2010-001 (Snow Leopard) :
http://support.apple.com/kb/DL994
http://www.vupen.com/english/advisories/2010/0173
http://support.apple.com/kb/HT4004
Vulnerabilities reported by Tobias Klein (trapkit.de), Damian Put via ZDI, Bing Liu (Fortinet FortiGuard Global Security Research Team), Will Dormann (CERT), Manuel Caballero, Microsoft Vulnerability Research, Jason Carr (Carnegie Mellon University Computing Services), and Dispensa and Marsh Ray (PhoneFactor, Inc).
2010-01-20 : Initial release
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
|
|
Monthly Statistics |
 |
|
|
|
| |
|
Try VUPEN
VNS |
 |
|
 |
|
| |
|
 |
| |
|
|
|
|
