Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mac OS X < 10.10.2 Multiple Vulnerabilities

Critical

Synopsis

The remote host is missing a critical Mac OS X patch update.

Description

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. Mac OS X 10.10.2 contains the following security-related fixes :

- The IOHIDFamily allows attackers to execute arbitrary code in a kernel context. (CVE-2014-8822, CVE-2014-4487) - The LaunchServices module does not properly handle file-type metadata. This can allow an attacker to bypass the Gatekeeper protection via a crafted JAR archive. (CVE-2014-8826) - There are unspecified vulnerabilities in the Intel Graphics driver. (CVE-2014-8819, CVE-2014-8820, CVE-2014-8821) - There is a data leak vulnerability in the LoginWindow component. (CVE-2014-8827) - There is a data leak vulnerability with the Spotlight Mail component. (CVE-2014-8839) - The SceneKit component is vulnerable to a heap-based buffer overflow. (CVE-2014-8830) - The App Store process in CommerceKit Framework is vulnerable to a local information leak. (CVE-2014-4499) - The indexing functionality in Spotlight is vulnerable to a sensitive data leak. (CVE-2014-8832, CVE-2014-8833) - The security_taskgate Bluetooth driver is vulnerable to an unspecified vulnerability. (CVE-2014-8831) - The Bluetooth driver is vulnerable to a remote code execution vulnerability. (CVE-2014-8836) - There are multiple unspecified vulnerabilities in the Bluetooth driver. (CVE-2014-8837, CVE-2014-4497) - The UserAccountUpdater component is vulnerable to a local data leak. (CVE-2014-8834) - There is a buffer overflow vulnerability in the xpc_data_get_bytes function in libxpc. (CVE-2014-8835) - The SceneKit component is vulnerable to an arbitrary code execution vulnerability. (CVE-2014-8829) - The CPU Software allows a local, physical, firmware attack. (CVE-2014-4498) - The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller of IOUSBFamily is vulnerable to a data leak. (CVE-2014-8823) - The kernel does not properly validate IODataQueue object metadata fields. (CVE-2014-8824) - The kernel does not properly perform identitysvc validation. (CVE-2014-8825) - The Coresymbolicationd component in CoreSymbolication does not verify data types. (CVE-2014-8817) - There is an integer overflow in the CoreGraphics component which can lead to remote code execution. (CVE-2014-4481) - There is a buffer overflow in the FontParser component which may allow remote code execution. (CVE-2014-4483) - The FontParser does not properly validate crafted .dfont files which can lead to remote code execution. (CVE-2014-4484) - There is a buffer overflow in the XML parser in Foundation. (CVE-2014-4485) - The IOAcceleratorFamily does not properly handle certain types and can lead to a NULL pointer dereference. (CVE-2014-4486) - The IOHIDFamily does not properly validate resource-queue metadata, potentially allowing remote code execution. (CVE-2014-4488) - The IOHIDFamily fails to properly sanitize event queues. This can lead to remote code execution. (CVE-2014-4489) - The Kernel extension API is vulnerable to a bypass of the ASLR protection mechanism. (CVE-2014-4491) - The kernel does not enforce read-only attributes which can allow attackers to bypass access restrictions. (CVE-2014-4495) - The libnetcore module fails to verify certain data types which can allow remote code execution in the _networkd context. (CVE-2014-4492)

Solution

Upgrade to Mac OS X 10.10.2 or later.