APPLE-SA-2013-03-14-1

The remote host is running a version of Mac OS X 10.8 that is older than version 10.8.3. The newer version contains numerous security-related fixes :

  - A canonicalization issue existed in the handling of URIs with ignorable Unicode character sequences. This issue was addressed by updating mod_hfs_apple to forbid access to URIs with ignorable Unicode character sequences. (CVE-2013-0966)
  - Java Web Start applications would run even if the Java plug-in was disabled. This issue was addressed by removing JNLP files from the CoreTypes safe file type list, so the Web Start application will not be run unless the user opens it in the Downloads directory. (CVE-2013-0967)
  - A canonicalization issue existed in the handling of the EUC-JP encoding, which could lead to a cross-site scripting attack on EUC-JP encoded websites. This issue was addressed by updating the EUC-JP mapping table. (CVE-2011-3058)
  - An error handling issue existed in Identity Services. If the user's AppleID certificate failed to validate, the user's AppleID was assumed to be the empty string. If multiple systems belonging to different users enter this state, applications relying on this identity determination may erroneously extend trust. This issue was addressed by ensuring that NULL is returned instead of an empty string. (CVE-2013-0963)
  - Description: A buffer overflow existed in libtiff's handling of TIFF images. This issue was addressed through additional validation of TIFF images. (CVE-2012-2088)
  - A memory corruption issue existed in the handling of graphics data. This issue was addressed through improved bounds checking.(CVE-2013-0976)
  - An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. (CVE-2012-3749)
  - A logic error existed in VoiceOver's handling of the Login Window, whereby an attacker with access to the keyboard could launch System Preferences and modify the system configuration. This issue was addressed by preventing VoiceOver from launching applications at the Login Window. (CVE-2013-0969)
  - Clicking on a specifically-formatted FaceTime:// URL in Messages could bypass the standard confirmation prompt. This issue was addressed by additional validation of FaceTime:// URLs. (CVE-2013-0970)
  - An issue existed in the Jabber server's handling of dialback result messages. An attacker may cause the Jabber server to disclose information intended for users of federated servers. This issue was addressed through improved handling of dialback result messages. (CVE-2012-3525)
  - Description: A use after free issue existed in the handling of ink annotations in PDF files. This issue was addressed through improved memory management. (CVE-2013-0971)
  - A type casting issue existed in Ruby on Rails' handling of XML parameters. This issue was addressed by disabling XML parameters in the Rails implementation used by Podcast Producer Server. (CVE-2013-0156)
  - A buffer overflow existed in the handling of 'rnet' boxes in MP4 files. This issue was addressed through improved bounds checking. (CVE-2012-3756)

The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-001 applied.  This update contains numerous security-related fixes for the following components :

  - Apache
  - CoreTypes (10.7 only)
  - International Components for Unicode
  - Identity Services (10.7 only)
  - ImageIO
  - Messages Server (Server only)
  - PDFKit
  - Podcast Producer Server (Server only)
  - PostgreSQL (Server only)
  - Profile Manager (10.7 Server only)
  - QuickTime
  - Ruby (10.6 Server only)
  - Security
  - Software Update
  - Wiki Server (10.7 Server only)

Note that the update also runs a malware removal tool that will remove the most common variants of malware.

The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.3. The newer version contains multiple security-related fixes for the following components :

  - Apache
  - CoreTypes
  - International Components for Unicode
  - Identity Services
  - ImageIO
  - IOAcceleratorFamily
  - Kernel
  - Login Window
  - Messages
  - PDFKit
  - QuickTime
  - Security

Note that the update also runs a malware removal tool that will remove the most common variants of malware.

ID	Name	Product	Family	Severity
801018	Mac OS X 10.8 < 10.8.3 Multiple Vulnerabilities (Security Update 2013-001)	Log Correlation Engine	Operating System Detection	high
6717	Mac OS X 10.8 < 10.8.3 Multiple Vulnerabilities (Security Update 2013-001)	Nessus Network Monitor	Web Clients	high
65578	Mac OS X Multiple Vulnerabilities (Security Update 2013-001)	Nessus	MacOS X Local Security Checks	high
65577	Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high

CVE-2013-0966

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins

high

high

high

high