Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mac OS X 10.9.5 or later < 10.11.1 Multiple Vulnerabilities

Critical

Synopsis

The remote host is missing a critical Mac OS X patch update.

Description

The remote host is running a version of Mac OS X version 10.11.x prior to 10.11.1 and is affected by multiple vulnerabilities in the following components :

- Accelerate Framework (CVE-2015-5940) - apache_mod_php (CVE-2015-0235, CVE-2015-0273, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838) - ATS (CVE-2015-6985) - Audio (CVE-2015-5933, CVE-2015-5934, CVE-2015-7003) - Bom (CVE-2015-7006) - CFNetwork (CVE-2015-7023) - configd (CVE-2015-7015) - CoreGraphics (CVE-2015-5925, CVE-2015-5926) - CoreText (CVE-2015-5944, CVE-2015-6975, CVE-2015-6992, CVE-2015-7017) - Directory Utility (CVE-2015-6980) - Disk Images (CVE-2015-6995) - EFI (CVE-2015-7035) - File Bookmark (CVE-2015-6987) - FontParser (CVE-2015-5927, CVE-2015-5942, CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, CVE-2015-7018) - Grand Central Dispatch (CVE-2015-6989) - Graphics Drivers (CVE-2015-7019, CVE-2015-7020, CVE-2015-7021) - ImageIO (CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5938, CVE-2015-5939) - IOAcceleratorFamily (CVE-2015-6996) - IOHIDFamily (CVE-2015-6974) - Kernel (CVE-2015-5932, CVE-2015-6988, CVE-2015-6994) - libarchive (CVE-2015-6984) - MCX Application Restrictions (CVE-2015-7016) - Net-SNMP (CVE-2014-3565, CVE-2012-6151) - OpenGL (CVE-2015-5924) - OpenSSH (CVE-2015-6563) - Sandbox (CVE-2015-5945) - Script Editor (CVE-2015-7007) - Security (CVE-2015-6983, CVE-2015-7024) - SecurityAgent (CVE-2015-5943)

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

Solution

Upgrade to Mac OS X 10.11.1 or later.