SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   OS (UNIX)  >   Apple macOS/OS X Vendors:   Apple
Apple OS X Multiple Flaws Let Remote and Local Users Execute Arbitrary Code and Deny Service and Let Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges
SecurityTracker Alert ID:  1034344
SecurityTracker URL:  http://securitytracker.com/id/1034344
CVE Reference:   CVE-2012-1147, CVE-2012-1148, CVE-2015-5333, CVE-2015-5334, CVE-2015-7001, CVE-2015-7038, CVE-2015-7039, CVE-2015-7040, CVE-2015-7041, CVE-2015-7042, CVE-2015-7043, CVE-2015-7044, CVE-2015-7045, CVE-2015-7046, CVE-2015-7047, CVE-2015-7052, CVE-2015-7053, CVE-2015-7054, CVE-2015-7058, CVE-2015-7059, CVE-2015-7060, CVE-2015-7061, CVE-2015-7062, CVE-2015-7063, CVE-2015-7064, CVE-2015-7065, CVE-2015-7066, CVE-2015-7067, CVE-2015-7068, CVE-2015-7071, CVE-2015-7073, CVE-2015-7074, CVE-2015-7075, CVE-2015-7076, CVE-2015-7077, CVE-2015-7078, CVE-2015-7081, CVE-2015-7083, CVE-2015-7084, CVE-2015-7094, CVE-2015-7105, CVE-2015-7106, CVE-2015-7107, CVE-2015-7108, CVE-2015-7109, CVE-2015-7110, CVE-2015-7111, CVE-2015-7112   (Links to External Site)
Date:  Dec 9 2015
Impact:   Denial of service via local system, Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Root access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Apple OS X. A remote user can cause arbitrary code to be executed on the target user's system. A remote or local user can cause denial of service conditions on the target system. A local user can obtain potentially sensitive information. A local user or an application can bypass security restrictions. A local user can gain system privileges on the target system.

An application can bypass sandbox restrictions and access Contacts after access has been revoked [CVE-2015-7001].

A local user can trigger a memory corruption flaw in the Bluetooth HCI interface to execute arbitrary code with system privileges [CVE-2015-7108].

A remote user in a privileged network position can exploit a URL validation flaw to bypass HSTS [CVE-2015-7094].

A remote user can create a specially crafted web site that, when loaded by the target user, will trigger an uninitialized memory error in zlib and execute arbitrary code [CVE-2015-7054].

A local user can exploit a flaw in the installation of configuration profiles to install a configuration profile without admin privileges [CVE-2015-7062].

A remote user can create a specially crafted font file that, when loaded by the target user, will trigger a memory corruption flaw in CoreGraphics and execute arbitrary code [CVE-2015-7105].

A remote user can create a specially crafted web site that, when loaded by the target user, will trigger a memory corruption flaw in the processing of media files and execute arbitrary code [CVE-2015-7074, CVE-2015-7075].

A local user can load a specially crafted disk image to trigger a memory corruption flaw and execute arbitrary code with kernel privileges [CVE-2015-7110].

A local user can exploit a path validation flaw in the kernel loader to execute arbitrary code with system privileges [CVE-2015-7063].

A sandboxed application can circumvent sandbox restrictions [CVE-2015-7071].

A local user can trigger a use-after-free memory error in the handling of VM objects to execute arbitrary code with system privileges [CVE-2015-7078].

A remote user can create a specially crafted iBooks file that references an external XML entity that, when loaded by the target user, will obtain potentially sensitive user information [CVE-2015-7081].

A remote user can create a specially crafted web image that, when loaded by the target user, will trigger a memory corruption flaw in ImageIO and execute arbitrary code [CVE-2015-7053].

A local user can trigger a null pointer dereference in the Intel Graphics Driver to execute arbitrary code with system privileges [CVE-2015-7076].

A local user can trigger a memory corruption error in the Intel Graphics Driver to execute arbitrary code with system privileges [CVE-2015-7106].

An application can trigger an out-of-bounds memory access error in the Intel Graphics Driver to execute arbitrary code with system privileges [CVE-2015-7077].

An application can trigger a memory corruption flaw in IOAcceleratorFamily to execute arbitrary code with system privileges [CVE-2015-7109].

An application can trigger a memory corruption flaw in IOHIDFamily to execute arbitrary code with system privileges [CVE-2015-7111, CVE-2015-7112].

An application can trigger a null pointer dereference in IOKit to execute arbitrary code with kernel privileges [CVE-2015-7068].

A local user can trigger a null pointer dereference in IOThunderboltFamily to cause denial of service conditions [CVE-2015-7067].

An application cause denial of service conditions [CVE-2015-7040, CVE-2015-7041, CVE-2015-7042, CVE-2015-7043].

A local user can trigger a memory handling flaw to execute arbitrary code with kernel privileges [CVE-2015-7083, CVE-2015-7084].

A local user can trigger a flaw in the parsing of mach messages to execute arbitrary code with kernel privileges [CVE-2015-7047].

A local user can exploit a validation flaw in the loading of kernel extensions to execute arbitrary code with kernel privileges [CVE-2015-7052].

An application can masquerade as the Keychain Server [CVE-2015-7045].

A remote user A remote user can create a specially crafted package that, when loaded by the target user, will trigger a buffer overflow in libc and execute arbitrary code [CVE-2015-7038, CVE-2015-7039].

Some vulnerabilities exist in expat versions prior to 2.1.0 [CVE-2012-1147, CVE-2012-1148].

A remote user can create a specially crafted web site that, when loaded by the target user, will trigger a memory corruption error in OpenGL and execute arbitrary code [CVE-2015-7064, CVE-2015-7065, CVE-2015-7066].

Some vulnerabilities exist in LibreSSL prior to versions 2.1.8 [CVE-2015-5333, CVE-2015-5334].

A remote user can create a specially crafted iWork file that, when loaded by the target user, will execute arbitrary code on the target user's system [CVE-2015-7107].

An application with root privileges can bypass kernel address space layout randomization protections [CVE-2015-7046].

A remote user can trigger a memory corruption error in the handling of SSL handshakes to execute arbitrary code [CVE-2015-7073].

A remote user can create a specially crafted certificate that, when processed by the target system, will trigger a memory corruption error in the ASN.1 decoder to execute arbitrary code [CVE-2015-7059, CVE-2015-7060, CVE-2015-7061].

An application can gain access to the target user's Keychain items [CVE-2015-7058].

An application with root privileges can exploit a flaw in handling union mounts to execute arbitrary code with system privileges [CVE-2015-7044].

Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt; Ian Beer of Google Project Zero; Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc.; Muneaki Nishimura (nishimunea); j00ru;
David Mulder of Dell Software; John Villamil (@day6reak), Yahoo Pentest Team; Behrouz Sadeghipour (@Nahamsec); Patrik Fehrenbach (@ITSecurityguard); Juwei Lin of TrendMicro; beist and ABH of BoB; JeongHoon Shin@A.D.D; Lufeng Li of Qihoo 360 Vulcan Team; Tarjei Mandt (@kernelpool);
Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi-Min Hu of Tsinghua University, and Xinhui Han of Peking University;
Maksymilian Arciemowicz (CXSECURITY.COM); Kurt Seifried; Tongbo Luo and Bo Qu of Palo Alto Networks; Benoit Foucher of ZeroC, Inc.; David Keeler of Mozilla; Tyson Smith of Mozilla; Ryan Sleevi of Google; and MacDefender reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote or local user can cause denial of service conditions on the target system.

A local user can obtain potentially sensitive information on the target system.

An application or a local user can bypass security controls on the target system.

A local user can obtain system privileges on the target system.

Solution:   The vendor has issued a fix.

The vendor's advisory is available at:

https://support.apple.com/en-us/HT205637

Vendor URL:  support.apple.com/en-us/HT205637 (Links to External Site)
Cause:   Access control error

Message History:   This archive entry has one or more follow-up message(s) listed below.
Dec 9 2015 (Apple Issues Fix for Apple Watch) Apple OS X Multiple Flaws Let Remote and Local Users Execute Arbitrary Code and Deny Service and Let Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges
Apple has issued a fix for Apple Watch.
Dec 9 2015 (Apple Issues Fix for Apple TV) Apple OS X Multiple Flaws Let Remote and Local Users Execute Arbitrary Code and Deny Service and Let Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges
Apple has issued a fix for Apple TV.
Jan 22 2016 (Red Hat Issues Fix for JBoss) Apple OS X Multiple Flaws Let Remote and Local Users Execute Arbitrary Code and Deny Service and Let Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges
Red Hat has issued a fix for JBoss for Red Hat Enterprise Linux.
Mar 23 2017 (Apple Issues Fix for Apple iTunes) Apple OS X Multiple Flaws Let Remote and Local Users Execute Arbitrary Code and Deny Service and Let Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges
Apple has issued a fix for Apple iTunes.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2018, SecurityGlobal.net LLC