SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (UNIX)  >   Apple macOS/OS X Vendors:   Apple
Apple OS X Bugs Let Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1030505
SecurityTracker URL:  http://securitytracker.com/id/1030505
CVE Reference:   CVE-2014-1317, CVE-2014-1370, CVE-2014-1371, CVE-2014-1372, CVE-2014-1373, CVE-2014-1375, CVE-2014-1376, CVE-2014-1377, CVE-2014-1378, CVE-2014-1379, CVE-2014-1380, CVE-2014-1381   (Links to External Site)
Date:  Jul 1 2014
Impact:   Disclosure of system information, Execution of arbitrary code via local system, Execution of arbitrary code via network, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 10.7.5, 10.8.5, 10.9 to 10.9.3
Description:   Multiple vulnerabilities were reported in Apple OS X. A remote user can cause arbitrary code to be executed on the target user's system. A local user can obtain elevated privileges on the target system.

The system may write the Apple ID credentials to the iBooks log file. A local user can obtain the credentials [CVE-2014-1317]. OS X 10.9.x is affected. Steve Dunham reported this vulnerability.

A remote user can create a specially crafted zip file that, when loaded by the target user, will trigger an out-of-bounds byte swapping flaw in the processing of AppleDouble files and execute arbitrary code on the target system [CVE-2014-1370]. Chaitanya (SegFault) (via iDefense VCP) reported this vulnerability.

A local application can trigger an invalid pointer dereference to bypass sandbox restrictions and execute arbitrary code [CVE-2014-1371]. An anonymous researcher (via HP's Zero Day Initiative) reported this vulnerability.

A local user can trigger an out-of-bounds read flaw in the processing of system calls to read kernel memory and bypass kernel address space layout randomization (ASLR) security capabilities [CVE-2014-1372]. OS X 10.8.x and 10.9.x are affected. Ian Beer of Google Project Zero reported this vulnerability.

A local application can trigger a validation flaw in the processing of an OpenGL API call to execute arbitrary code with system privileges [CVE-2014-1373]. OS X 10.8.x and 10.9.x are affected. Ian Beer of Google Project Zero reported this vulnerability.

A local user can exploit a flaw in IOKit to read a kernel pointer and bypass ASLR security capabilities [CVE-2014-1375].

A local application can trigger a bounds validation flaw in the processing of an OpenCL API call and execute arbitrary code with system privileges [CVE-2014-1376]. OS X 10.8.x and 10.9.x are affected. Ian Beer of Google Project Zero reported this vulnerability.

A local application can trigger an array indexing flaw in IOAcceleratorFamily to execute arbitrary code with system privileges [CVE-2014-1377]. OS X 10.8.x and 10.9.x are affected. Ian Beer of Google Project Zero reported this vulnerability.

A local user can exploit a flaw in IOKit to read a kernel pointer and bypass ASLR security capabilities [CVE-2014-1378]. OS X 10.9.x is affected.

A local application can trigger a null dereference to execute arbitrary code with system privileges [CVE-2014-1379]. OS X 10.8.x and 10.9.x are affected. Ian Beer of Google Project Zero reported this vulnerability.

A physically local user can bypass the screen lock to type into windows under the screen lock [CVE-2014-1380]. OS X 10.9.x is affected. Ben Langfeld of Mojo Lingo LLC reported this vulnerability.

A local user can trigger an out of bounds memory access flaw in the processing of IOThunderBoltController API calls to execute arbitrary code with system privileges [CVE-2014-1381]. OS X 10.9.x is affected. Catherine aka winocm reported this vulnerability.

Impact:   A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.

A local user can obtain elevated privileges on the target system.

Solution:   The vendor has issued a fix as part of APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003.

The vendor's advisory is available at:

http://support.apple.com/kb/HT6296

Vendor URL:  support.apple.com/kb/HT6296 (Links to External Site)
Cause:   Access control error, Boundary error, Input validation error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC