Apple Mac OS X Multiple Vulnerabilities-HT207615

Published: 2017-03-31 12:07:14
CVE Author: NIST National Vulnerability Database

CVSS Base Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary:
This host is running Apple Mac OS X and is prone to multiple vulnerabilities.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exists. For details refer the reference links.

Impact:
Successful exploitation will allow attacker to execute arbitrary code or cause a denial of service (memory corruption), gain access to potentially sensitive information, bypass certain protection mechanism and have other impacts.

Affected Versions:
Apple Mac OS X version 10.12.x through 10.12.3

Recommendations:
Upgrade to Apple Mac OS X version 10.12.4 or later.

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2016-0736
https://nvd.nist.gov/vuln/detail/CVE-2016-2161
https://nvd.nist.gov/vuln/detail/CVE-2016-5387
https://nvd.nist.gov/vuln/detail/CVE-2016-8740
https://nvd.nist.gov/vuln/detail/CVE-2016-8743
https://nvd.nist.gov/vuln/detail/CVE-2016-10158
https://nvd.nist.gov/vuln/detail/CVE-2016-10159
https://nvd.nist.gov/vuln/detail/CVE-2016-10160
https://nvd.nist.gov/vuln/detail/CVE-2016-10161
https://nvd.nist.gov/vuln/detail/CVE-2016-9935
https://nvd.nist.gov/vuln/detail/CVE-2017-2421
https://nvd.nist.gov/vuln/detail/CVE-2017-2438
https://nvd.nist.gov/vuln/detail/CVE-2017-2430
https://nvd.nist.gov/vuln/detail/CVE-2017-2462
https://nvd.nist.gov/vuln/detail/CVE-2017-2420
https://nvd.nist.gov/vuln/detail/CVE-2017-2427
https://nvd.nist.gov/vuln/detail/CVE-2017-2449
https://nvd.nist.gov/vuln/detail/CVE-2017-2379
https://nvd.nist.gov/vuln/detail/CVE-2017-2417
https://nvd.nist.gov/vuln/detail/CVE-2017-2431
https://nvd.nist.gov/vuln/detail/CVE-2017-2435
https://nvd.nist.gov/vuln/detail/CVE-2017-2450
https://nvd.nist.gov/vuln/detail/CVE-2017-2461
https://nvd.nist.gov/vuln/detail/CVE-2016-9586
https://nvd.nist.gov/vuln/detail/CVE-2016-7585
https://nvd.nist.gov/vuln/detail/CVE-2017-2429
https://nvd.nist.gov/vuln/detail/CVE-2017-2487
https://nvd.nist.gov/vuln/detail/CVE-2017-2406
https://nvd.nist.gov/vuln/detail/CVE-2017-2407
https://nvd.nist.gov/vuln/detail/CVE-2017-2439
https://nvd.nist.gov/vuln/detail/CVE-2017-2428
https://nvd.nist.gov/vuln/detail/CVE-2017-2418
https://nvd.nist.gov/vuln/detail/CVE-2017-2426
https://nvd.nist.gov/vuln/detail/CVE-2017-2416
https://nvd.nist.gov/vuln/detail/CVE-2017-2467
https://nvd.nist.gov/vuln/detail/CVE-2017-2489
https://nvd.nist.gov/vuln/detail/CVE-2016-3619
https://nvd.nist.gov/vuln/detail/CVE-2017-2443
https://nvd.nist.gov/vuln/detail/CVE-2017-2408
https://nvd.nist.gov/vuln/detail/CVE-2017-2436
https://nvd.nist.gov/vuln/detail/CVE-2017-2437
https://nvd.nist.gov/vuln/detail/CVE-2017-2388
https://nvd.nist.gov/vuln/detail/CVE-2017-2398
https://nvd.nist.gov/vuln/detail/CVE-2017-2401
https://nvd.nist.gov/vuln/detail/CVE-2017-2410
https://nvd.nist.gov/vuln/detail/CVE-2017-2440
https://nvd.nist.gov/vuln/detail/CVE-2017-2456
https://nvd.nist.gov/vuln/detail/CVE-2017-2472
https://nvd.nist.gov/vuln/detail/CVE-2017-2473
https://nvd.nist.gov/vuln/detail/CVE-2017-2474
https://nvd.nist.gov/vuln/detail/CVE-2017-2478
https://nvd.nist.gov/vuln/detail/CVE-2017-2482
https://nvd.nist.gov/vuln/detail/CVE-2017-2483
https://nvd.nist.gov/vuln/detail/CVE-2017-2458
https://nvd.nist.gov/vuln/detail/CVE-2017-2448
https://nvd.nist.gov/vuln/detail/CVE-2017-2390
https://nvd.nist.gov/vuln/detail/CVE-2017-2441
https://nvd.nist.gov/vuln/detail/CVE-2017-2402
https://nvd.nist.gov/vuln/detail/CVE-2017-2392
https://nvd.nist.gov/vuln/detail/CVE-2017-2457
https://nvd.nist.gov/vuln/detail/CVE-2017-2409
https://nvd.nist.gov/vuln/detail/CVE-2017-2422
https://nvd.nist.gov/vuln/detail/CVE-2016-10009
https://nvd.nist.gov/vuln/detail/CVE-2016-10010
https://nvd.nist.gov/vuln/detail/CVE-2016-10011
https://nvd.nist.gov/vuln/detail/CVE-2016-10012
https://nvd.nist.gov/vuln/detail/CVE-2016-7056
https://nvd.nist.gov/vuln/detail/CVE-2017-2403
https://nvd.nist.gov/vuln/detail/CVE-2016-5636
https://nvd.nist.gov/vuln/detail/CVE-2017-2413
https://nvd.nist.gov/vuln/detail/CVE-2017-2423
https://nvd.nist.gov/vuln/detail/CVE-2017-2451
https://nvd.nist.gov/vuln/detail/CVE-2017-2485
https://nvd.nist.gov/vuln/detail/CVE-2017-2425
https://nvd.nist.gov/vuln/detail/CVE-2017-2381
https://nvd.nist.gov/vuln/detail/CVE-2017-6974
https://nvd.nist.gov/vuln/detail/CVE-2016-7922
https://nvd.nist.gov/vuln/detail/CVE-2016-7923
https://nvd.nist.gov/vuln/detail/CVE-2016-7924
https://nvd.nist.gov/vuln/detail/CVE-2016-7925
https://nvd.nist.gov/vuln/detail/CVE-2016-7926
https://nvd.nist.gov/vuln/detail/CVE-2016-7927
https://nvd.nist.gov/vuln/detail/CVE-2016-7928
https://nvd.nist.gov/vuln/detail/CVE-2016-7929
https://nvd.nist.gov/vuln/detail/CVE-2016-7930
https://nvd.nist.gov/vuln/detail/CVE-2016-7931
https://nvd.nist.gov/vuln/detail/CVE-2016-7932
https://nvd.nist.gov/vuln/detail/CVE-2016-7933
https://nvd.nist.gov/vuln/detail/CVE-2016-7934
https://nvd.nist.gov/vuln/detail/CVE-2016-7935
https://nvd.nist.gov/vuln/detail/CVE-2016-7936
https://nvd.nist.gov/vuln/detail/CVE-2016-7937
https://nvd.nist.gov/vuln/detail/CVE-2016-7938
https://nvd.nist.gov/vuln/detail/CVE-2016-7939
https://nvd.nist.gov/vuln/detail/CVE-2016-7940
https://nvd.nist.gov/vuln/detail/CVE-2016-7973
https://nvd.nist.gov/vuln/detail/CVE-2016-7974
https://nvd.nist.gov/vuln/detail/CVE-2016-7975
https://nvd.nist.gov/vuln/detail/CVE-2016-7983
https://nvd.nist.gov/vuln/detail/CVE-2016-7984
https://nvd.nist.gov/vuln/detail/CVE-2016-7985
https://nvd.nist.gov/vuln/detail/CVE-2016-7986
https://nvd.nist.gov/vuln/detail/CVE-2016-7992
https://nvd.nist.gov/vuln/detail/CVE-2016-7993
https://nvd.nist.gov/vuln/detail/CVE-2016-8574
https://nvd.nist.gov/vuln/detail/CVE-2016-8575
https://nvd.nist.gov/vuln/detail/CVE-2017-5202
https://nvd.nist.gov/vuln/detail/CVE-2017-5203
https://nvd.nist.gov/vuln/detail/CVE-2017-5204
https://nvd.nist.gov/vuln/detail/CVE-2017-5205
https://nvd.nist.gov/vuln/detail/CVE-2017-5341
https://nvd.nist.gov/vuln/detail/CVE-2017-5342
https://nvd.nist.gov/vuln/detail/CVE-2017-5482
https://nvd.nist.gov/vuln/detail/CVE-2017-5483
https://nvd.nist.gov/vuln/detail/CVE-2017-5484
https://nvd.nist.gov/vuln/detail/CVE-2017-5485
https://nvd.nist.gov/vuln/detail/CVE-2017-5486
https://nvd.nist.gov/vuln/detail/CVE-2016-3619
https://nvd.nist.gov/vuln/detail/CVE-2016-9533
https://nvd.nist.gov/vuln/detail/CVE-2016-9535
https://nvd.nist.gov/vuln/detail/CVE-2016-9536
https://nvd.nist.gov/vuln/detail/CVE-2016-9537
https://nvd.nist.gov/vuln/detail/CVE-2016-9538
https://nvd.nist.gov/vuln/detail/CVE-2016-9539
https://nvd.nist.gov/vuln/detail/CVE-2016-9540
https://nvd.nist.gov/vuln/detail/CVE-2017-2486

SecurityFocus Bugtraq ID:

https://www.securityfocus.com/bid/95078
https://www.securityfocus.com/bid/95076
https://www.securityfocus.com/bid/91816
https://www.securityfocus.com/bid/94650
https://www.securityfocus.com/bid/95077
https://www.securityfocus.com/bid/95764
https://www.securityfocus.com/bid/95774
https://www.securityfocus.com/bid/95783
https://www.securityfocus.com/bid/95768
https://www.securityfocus.com/bid/94846
https://www.securityfocus.com/bid/97140
https://www.securityfocus.com/bid/97137
https://www.securityfocus.com/bid/95019
https://www.securityfocus.com/bid/97146
https://www.securityfocus.com/bid/85919
https://www.securityfocus.com/bid/97147
https://www.securityfocus.com/bid/97134
https://www.securityfocus.com/bid/95375
https://www.securityfocus.com/bid/96767
https://www.securityfocus.com/bid/94968
https://www.securityfocus.com/bid/94972
https://www.securityfocus.com/bid/94977
https://www.securityfocus.com/bid/94975
https://www.securityfocus.com/bid/91247
https://www.securityfocus.com/bid/97132
https://www.securityfocus.com/bid/95852
https://www.securityfocus.com/bid/94742
https://www.securityfocus.com/bid/94744
https://www.securityfocus.com/bid/94745
https://www.securityfocus.com/bid/94746
https://www.securityfocus.com/bid/94753
https://www.securityfocus.com/bid/94754
https://www.securityfocus.com/bid/94747
https://www.securityfocus.com/bid/97300
https://www.securityfocus.com/bid/97303

References:

https://support.apple.com/en-us/HT207615
https://www.apple.com

Severity
High
CVSS Score
10.0
Published
2017-03-31
Modified
2019-03-18
Category
Mac OS X Local Security Checks

Free Vulnerability Scanning, Assessment and Management

Mageni's Platform is packed with all the features you need to scan, assess and manage vulnerabilities like this - it is free, open source, lightning fast, reliable and scalable.

Router
Servers
Laptop
Database
Group
Cloud

Frequently Asked Questions

No, you can scan concurrently as many assets as you want. Please note that you must be aware of the hardware requeriments of the platform to ensure a good performance.

No, you can add as many assest as you want. It doesn't matters if you have millions of assets, we won't charge you for that.

No. The software is completely free. We have no intention to charge you to use the software, in fact - it completely goes against our beliefs and business model.

A vulnerability is defined in the ISO 27002 standard as “A weakness of an asset or group of assets that can be exploited by one or more threats” (International Organization for Standardization, 2005)

We generate revenue by providing support and other services for customers that require a subscription so they get guaranteed support and enterprise services. To use Mageni's Platform is completely free, with no limits at all.

Yes. Mageni understands that there are professionals and businesses that need commercial support so Mageni provides an active support subscription with everything needed to run Mageni's Platform reliably and securely. More than software, it's access to security experts, knowledge resources, security updates, and support tools you can't get anywhere else. The subscription includes:

  • Ongoing delivery
    • Patches
    • Bug fixes
    • Updates
    • Upgrades
  • Technical support
    • 24/7 availability
    • Unlimited Incidents
    • Specialty-based routing
    • Multi-Channel
  • Commitments
    • Software certifications
    • Software assurance
    • SLA

No, we don't store the information of your vulnerabilities in our servers.

Vulnerability management is the process in which vulnerabilities in IT are identified and the risks of these vulnerabilities are evaluated. This evaluation leads to correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management of an organization. The term vulnerability management is often confused with vulnerability scanning. Despite the fact both are related, there is an important difference between the two. Vulnerability scanning consists of using a computer program to identify vulnerabilities in networks, computer infrastructure or applications. Vulnerability management is the process surrounding vulnerability scanning, also taking into account other aspects such as risk acceptance, remediation etc. Source: "Implementing a Vulnerability Management Process". SANS Institute.

I am ready to start scanning for vulnerabilities