Apple MacOSX Security Updates(HT210722)-02

Published: 2019-10-30 06:38:31
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary:
This host is installed with Apple Mac OS X and is prone to multiple vulnerabilities.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exists due to, - This issue related to existence of vulnerable code. - A logic issue related to improper restrictions. - A memory corruption issue related to improper state management. - A memory corruption issue existed in the handling of IPv6 packets. - A memory consumption issue related to improper memory handling. - An issue related to improper checks. - Multiple memory corruption issues related to improper input validation. - An out-of-bounds read error related to improper bounds checking. - A denial of service issue related to improper validation.

Impact:
Successful exploitation allow attackers to elevate privileges, check for the existence of arbitrary files, conduct arbitrary code execution, determine kernel memory layout, disclosure of user information and cause unexpected system termination or read kernel memory.

Affected Versions:
Apple Mac OS X versions 10.13.x through 10.13.6, 10.14.x through 10.14.6

Recommendations:
Apply security update 2019-001 for 10.14.x and Security Update 2019-006 for 10.13.x from vendor.

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2019-8509
https://nvd.nist.gov/vuln/detail/CVE-2019-8708
https://nvd.nist.gov/vuln/detail/CVE-2019-8706
https://nvd.nist.gov/vuln/detail/CVE-2019-8744
https://nvd.nist.gov/vuln/detail/CVE-2019-8767
https://nvd.nist.gov/vuln/detail/CVE-2019-8761
https://nvd.nist.gov/vuln/detail/CVE-2019-8749
https://nvd.nist.gov/vuln/detail/CVE-2019-8756
https://nvd.nist.gov/vuln/detail/CVE-2019-8716
https://nvd.nist.gov/vuln/detail/CVE-2019-8715
https://nvd.nist.gov/vuln/detail/CVE-2018-12152
https://nvd.nist.gov/vuln/detail/CVE-2018-12153
https://nvd.nist.gov/vuln/detail/CVE-2018-12154
https://nvd.nist.gov/vuln/detail/CVE-2019-8759
https://nvd.nist.gov/vuln/detail/CVE-2019-8737
https://nvd.nist.gov/vuln/detail/CVE-2019-8736
https://nvd.nist.gov/vuln/detail/CVE-2019-8750

References:

https://support.apple.com/en-in/HT210722
https://www.apple.com.

Search
Severity
High
CVSS Score
10.0

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.