RETIRED: Apple Mac OS X Prior to 10.6.4 Multiple Security Vulnerabilities

Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2010-004.

The update addresses new vulnerabilities that affect the CUPS, DesktopServices, Folder Manager, Help Viewer, iChat, ImageIO, Network Authorization, Open Directory, Printer Setup, Printing, Ruby, SMB File Server, and Wiki Server components of Mac OS X. The advisory also contains security updates for 13 previously reported issues.

This BID is being retired. The following individual records exist to better document the issues:

40886 Apple Mac OS X Help Viewer 'help://' URI Cross Site Scripting Vulnerability
40887 Apple Mac OS X Folder Manager Symbolic Link Handling Security Bypass Vulnerability
40888 Apple Mac OS X Prior to 10.6.4 Printer Setup (CVE-2010-1379) Remote Denial Of Service Vulnerability
40889 Apple Mac OS X CUPS Web Interface Unspecified Cross Site Request Forgery Vulnerability
40892 Apple Mac OS X Wiki Server Comment HTML Injection Vulnerability
40893 Apple Mac OS X Samba Wide Links Symbolic Link Handling Security Bypass Vulnerability
40894 Apple Mac OS X Prior to 10.6.4 ImageIO (CVE-2010-0543) Remote Code Execution Vulnerability
40895 Ruby WEBrick UTF-7 Encoding Cross Site Scripting Vulnerability
40896 Apple Mac OS X iChat Inline Image Transfer Directory Traversal Vulnerability
40897 Apple Mac OS X CUPS Web Interface Unspecified Information Disclosure Vulnerability
40898 Apple Mac OS X DesktopServices Component Insecure File Permissions Vulnerability
40901 Apple Mac OS X Network Authorization Local Privilege Escalation Vulnerability
40902 Apple Mac OS X Network Authorization URI Handler Remote Format String Vulnerability
40903 Apple Mac OS X Prior to 10.6.4 Printing (CVE-2010-1380) Integer Overflow Vulnerability
40905 Apple Mac OS X Prior to 10.6.4 Open Directory (CVE-2010-1377) Security Bypass Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus