RETIRED: Apple Mac OS X APPLE-SA-2013-10-22-3 Multiple Security Vulnerabilities

Apple Mac OS X is prone to multiple vulnerabilities.

The update addresses new vulnerabilities that affect Application Firewall, App Sandbox, Bluetooth, CFNetwork, Console, CoreGraphics, Kernel, LaunchServices, Libc, Mail Accounts, Mail Header Display, Mail Networking, OpenLDAP, Power Management, Security, Security - Authorization, Security - Smart Card Services, Screen Lock, Screen Sharing Server, syslog, and USB components.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, hijack an arbitrary session, gain unauthorized access, perform unauthorized actions, obtain sensitive information, bypass security restrictions, and perform other attacks.

These issues affect OS X versions prior to 10.9.

This BID is being retired. The following individual records exist to better document the issues:

63314 Apple Mac OS X CVE-2013-5171 Security Bypass Vulnerability
63282 Apple Mac OS X APPLE-SA-2013-10-22-3 Multiple Security Vulnerabilities
63320 Apple Mac OS X Smart Card Services CVE-2013-5190 Remote Denial of Service Vulnerability
63316 Apple Mac OS X CVE-2013-5186 Local Unauthorised Access Vulnerability
63345 Apple Mac OS X CVE-2013-5187 Local Unauthorised Access Vulnerability
63335 Apple Mac OS X Multicast Packet Handling Remote Denial of Service Vulnerability
63346 Apple Mac OS X Unsigned Mail Handling Security Vulnerability
63332 Apple Mac OS X Kernel Integer Truncation Local Denial of Service Vulnerability
63329 Apple Mac OS X Kernel tty Read Handling Local Denial of Service Vulnerability
63339 Apple Mac OS X CVE-2013-5177 Local Denial of Service Vulnerability
63329 Apple Mac OS X Kernel tty Read Handling Local Denial of Service Vulnerability
63331 Apple Mac OS X Kernel Mach-O Files Handling Local Out-of-Bounds Read Vulnerability
63319 Apple Mac OS X Kernel SHA-2 Digest Remote Denial of Service Vulnerability
63321 Apple Mac OS X Kernel Random Number Generator Local Denial of Service Vulnerability
63330 Apple Mac OS X CoreGraphics PDF Handling Buffer Overflow Vulnerability
63312 Apple Mac OS X Bluetooth USB Host Controller Remote Denial of Service Vulnerability
63317 Apple Mac OS X CVE-2013-5167 Session Fixation Vulnerability
63313 Apple Mac OS X CVE-2013-5165 Security Bypass Vulnerability
63343 Apple Mac OS X LaunchServices CVE-2013-5178 Remote Security Vulnerability
63311 Apple Mac OS X CVE-2013-5179 Remote Security Bypass Weakness
63322 Apple Mac OS X CVE-2013-5168 Security Bypass Vulnerability
63336 Apple Mac OS X CVE-2013-5169 Local Information Disclosure Vulnerability
63344 Apple Mac OS X CVE-2013-5191 Local Information Disclosure Vulnerability
63350 Apple Mac OS X CVE-2013-5181 Insecure Authentication Weakness
63348 Apple Mac OS X Lock Screen CVE-2013-5188 Local Security Bypass Vulnerability
63353 Apple Mac OS X CVE-2013-5189 Local Security Bypass Vulnerability
63347 Apple Mac OS X CVE-2013-5180 Predictable Random Number Generator Weakness
63351 Apple Mac OS X OpenLDAP 'ldapsearch' Command Security Vulnerability
63349 Apple Mac OS X Mail Networking Information Disclosure Security Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus