SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   OS (UNIX)  >   Apple macOS/OS X Vendors:   Apple
Apple macOS/OS X Multiple Flaws Let Remote Users Bypass Security and Obtain Potentially Sensitive Information and Let Local Users Obtain Passwords and Gain Elevated Privileges
SecurityTracker Alert ID:  1040608
SecurityTracker URL:  http://securitytracker.com/id/1040608
CVE Reference:   CVE-2017-13890, CVE-2017-8816, CVE-2018-4104, CVE-2018-4105, CVE-2018-4106, CVE-2018-4107, CVE-2018-4108, CVE-2018-4111, CVE-2018-4112, CVE-2018-4115, CVE-2018-4131, CVE-2018-4132, CVE-2018-4135, CVE-2018-4136, CVE-2018-4138, CVE-2018-4139, CVE-2018-4142, CVE-2018-4143, CVE-2018-4144, CVE-2018-4150, CVE-2018-4151, CVE-2018-4152, CVE-2018-4154, CVE-2018-4155, CVE-2018-4156, CVE-2018-4157, CVE-2018-4158, CVE-2018-4160, CVE-2018-4166, CVE-2018-4167, CVE-2018-4170, CVE-2018-4174, CVE-2018-4175, CVE-2018-4176   (Links to External Site)
Date:  Mar 30 2018
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, Not specified, Root access via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Apple macOS/OS X. A remote user can obtain potentially sensitive information. A remote user can bypass security restrictions. A local user can gain elevated privileges. A local user can obtain passwords on the target system.

A local user can view passwords supplied to 'sysadminctl' via the command line [CVE-2018-4170].

An APFS volume password may be unexpectedly truncated due to an input validation flaw [CVE-2018-4105, CVE-2018-4108]. The impact was not specified.

A remote user can create a specially crafted file that, when processed by the target user, will trigger a symlink handling bug in the ATS component to obtain potentially sensitive information [CVE-2018-4112].

A remote user can create specially crafted HTML that, when loaded by the target user, will exploit a logic error in the CoreTypes component and cause a disk image to be mounted on the target user's system [CVE-2017-13890].

A remote user can create a specially crafted disk image that, when loaded by the target user, will trigger a logic error in the Disk Images component to cause an application to launch on the target user's system [CVE-2018-4176].

An application can trigger a memory corruption error in the Intel Graphics Driver component to execute arbitrary code with system privileges [CVE-2018-4132].

An application can trigger a memory corruption error in the IOFireWireFamily component to execute arbitrary code with kernel privileges [CVE-2018-4135].

An application can trigger a memory corruption error in the the kernel component to execute arbitrary code with kernel privileges [CVE-2018-4143].

An application can trigger an out-of-bounds memory read error in the kernel to execute arbitrary code with kernel privileges [CVE-2018-4136].

An application can trigger an out-of-bounds memory read error in the kernel to execute arbitrary code with system privileges [CVE-2018-4160].

An application can trigger a memory corruption error in the kext tools component to execute arbitrary code with system privileges [CVE-2018-4139].

An application can trigger a logic error in the LaunchServices component to bypass code signing enforcement [CVE-2018-4175].

A remote user in a privileged network position can obtain the contents of S/MIME-encrypted e-mail [CVE-2018-4111].

An application can trigger a race condition in the Notes component to gain elevated privileges [CVE-2018-4152].

An application can trigger an input validation flaw in the NVIDIA Graphics Drivers component to read restricted memory [CVE-2018-4138].

A remote user can create a specially crafted URL in a PDF file that, when clicked by the target user, will load a website [CVE-2018-4107].

The Bracketed Paste Mode can cause arbitrary commands to be injected and executed due to an input validation flaw in the Terminal component [CVE-2018-4106].

An anonymous researcher, Apple, Axis and pjf of IceSword Lab of Qihoo 360, David J Beitey (@davidjb_), Geoffrey Bugniot, Haik Aftandilian of Mozilla, Ian Beer of Google Project Zero, Jonas Jensen of lgtm.com and Semmle, Kamatham Chaitanya of ShiftLeft Inc., Samuel Gros (@5aelo), Simon Hosie, Theodor Ragnar Gislason of Syndis, and Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. reported these vulnerabilities.

Impact:   A remote user can obtain potentially sensitive information.

A remote user can bypass security restrictions.

A local user can gain elevated privileges.

A local user can obtain passwords on the target system.

Solution:   The vendor has issued a fix (10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan).

The vendor advisory is available at:

https://support.apple.com/en-us/HT208692

Vendor URL:  support.apple.com/en-us/HT208692 (Links to External Site)
Cause:   Access control error, Boundary error, Input validation error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2018, SecurityGlobal.net LLC