Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Apple Mac OS X Multiple Vulnerabilities-03 February-2017

Information

Severity

Severity

Critical

Family

Family

Mac OS X Local Security Checks

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

5 years ago

Modified

Modified

3 years ago

Summary

This host is running Apple Mac OS X and is prone to multiple vulnerabilities.

Insight

Insight

Multiple flaws exists due to, - Multiple null pointer dereference errors. - A logging issue in the handling of passwords. - An issue existed in the parsing of disk images. - A logic issue in libxpc. - An issue within the path validation logic for symlinks in libarchive. - Multiple object lifetime issues existed when spawning new processes. - Multiple input validation issues existed in MIG generated code. - An impersonation issue existed in the handling of call switching in the IDS - Connectivity. - A buffer overflow existed in the handling of font files. - An out-of-bounds read error in FontParser. - An user interface inconsistencies existed in the handling of relayed calls in FaceTime. - A phishing issue existed in the handling of proxy credentials. - Multiple memory corruption errors.

Affected Software

Affected Software

Apple Mac OS X versions 10.10.x through 10.10.5 prior to build 14F2009, 10.11.x prior to build 15G1108 and 10.12.x prior to 10.12.1

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Upgrade to Apple Mac OS X version 10.12.1 or later or apply appropriate patch. Please see the references for more information.