Detections
Analytics

Mac OS X < 10.10.2 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 8644

Synopsis

The remote host is missing a critical Mac OS X patch update.

Description

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. Mac OS X 10.10.2 contains the following security-related fixes :

 - The IOHIDFamily allows attackers to execute arbitrary code in a kernel context. (CVE-2014-8822, CVE-2014-4487)
 - The LaunchServices module does not properly handle file-type metadata. This can allow an attacker to bypass the Gatekeeper protection via a crafted JAR archive. (CVE-2014-8826)
 - There are unspecified vulnerabilities in the Intel Graphics driver. (CVE-2014-8819, CVE-2014-8820, CVE-2014-8821)
 - There is a data leak vulnerability in the LoginWindow component. (CVE-2014-8827)
 - There is a data leak vulnerability with the Spotlight Mail component. (CVE-2014-8839)
 - The SceneKit component is vulnerable to a heap-based buffer overflow. (CVE-2014-8830)
 - The App Store process in CommerceKit Framework is vulnerable to a local information leak. (CVE-2014-4499)
 - The indexing functionality in Spotlight is vulnerable to a sensitive data leak. (CVE-2014-8832, CVE-2014-8833)
 - The security_taskgate Bluetooth driver is vulnerable to an unspecified vulnerability. (CVE-2014-8831)
 - The Bluetooth driver is vulnerable to a remote code execution vulnerability. (CVE-2014-8836)
 - There are multiple unspecified vulnerabilities in the Bluetooth driver. (CVE-2014-8837, CVE-2014-4497)
 - The UserAccountUpdater component is vulnerable to a local data leak. (CVE-2014-8834)
 - There is a buffer overflow vulnerability in the xpc_data_get_bytes function in libxpc. (CVE-2014-8835)
 - The SceneKit component is vulnerable to an arbitrary code execution vulnerability. (CVE-2014-8829)
 - The CPU Software allows a local, physical, firmware attack. (CVE-2014-4498)
 - The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller of IOUSBFamily is vulnerable to a data leak. (CVE-2014-8823)
 - The kernel does not properly validate IODataQueue object metadata fields. (CVE-2014-8824)
 - The kernel does not properly perform identitysvc validation. (CVE-2014-8825)
 - The Coresymbolicationd component in CoreSymbolication does not verify data types. (CVE-2014-8817)
 - There is an integer overflow in the CoreGraphics component which can lead to remote code execution. (CVE-2014-4481)
 - There is a buffer overflow in the FontParser component which may allow remote code execution. (CVE-2014-4483)
 - The FontParser does not properly validate crafted .dfont files which can lead to remote code execution. (CVE-2014-4484)
 - There is a buffer overflow in the XML parser in Foundation. (CVE-2014-4485)
 - The IOAcceleratorFamily does not properly handle certain types and can lead to a NULL pointer dereference. (CVE-2014-4486)
 - The IOHIDFamily does not properly validate resource-queue metadata, potentially allowing remote code execution. (CVE-2014-4488)
 - The IOHIDFamily fails to properly sanitize event queues. This can lead to remote code execution. (CVE-2014-4489)
 - The Kernel extension API is vulnerable to a bypass of the ASLR protection mechanism. (CVE-2014-4491)
 - The kernel does not enforce read-only attributes which can allow attackers to bypass access restrictions. (CVE-2014-4495)
 - The libnetcore module fails to verify certain data types which can allow remote code execution in the _networkd context. (CVE-2014-4492)

Solution

Upgrade to Mac OS X 10.10.2 or later.

See Also

https://support.apple.com/en-us/HT204244

Plugin Details

Severity: Critical

ID: 8644

Published: 3/4/2015

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Patch Publication Date: 1/30/2015

Vulnerability Publication Date: 1/30/2015

Reference Information

CVE: CVE-2014-4481, CVE-2014-4483, CVE-2014-4484, CVE-2014-4485, CVE-2014-4486, CVE-2014-4487, CVE-2014-4488, CVE-2014-4489, CVE-2014-4491, CVE-2014-4492, CVE-2014-4495, CVE-2014-4497, CVE-2014-4498, CVE-2014-4499, CVE-2014-8817, CVE-2014-8819, CVE-2014-8820, CVE-2014-8821, CVE-2014-8822, CVE-2014-8823, CVE-2014-8824, CVE-2014-8825, CVE-2014-8826, CVE-2014-8827, CVE-2014-8829, CVE-2014-8830, CVE-2014-8831, CVE-2014-8832, CVE-2014-8833, CVE-2014-8834, CVE-2014-8835, CVE-2014-8836, CVE-2014-8837, CVE-2014-8839

BID: 72328, 72327, 72262, 72341, 71992, 72297, 70249