Category:   OS (UNIX)  >   Apple macOS/OS X
Vendors:   Apple
Apple macOS/OS X Multiple Remote Code Execution, Denial of Service, and Information Disclosure Attacks and Local Privilege Escalation Attacks
SecurityTracker Alert ID:  1042004
SecurityTracker URL:  http://securitytracker.com/id/1042004
CVE Reference:   CVE-2017-10784, CVE-2017-12613, CVE-2017-12618, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17742, CVE-2018-3639, CVE-2018-3640, CVE-2018-3646, CVE-2018-4126, CVE-2018-4153, CVE-2018-4203, CVE-2018-4242, CVE-2018-4259, CVE-2018-4286, CVE-2018-4287, CVE-2018-4288, CVE-2018-4291, CVE-2018-4295, CVE-2018-4304, CVE-2018-4308, CVE-2018-4310, CVE-2018-4326, CVE-2018-4331, CVE-2018-4334, CVE-2018-4340, CVE-2018-4341, CVE-2018-4342, CVE-2018-4346, CVE-2018-4348, CVE-2018-4350, CVE-2018-4354, CVE-2018-4368, CVE-2018-4369, CVE-2018-4371, CVE-2018-4389, CVE-2018-4393, CVE-2018-4394, CVE-2018-4395, CVE-2018-4396, CVE-2018-4398, CVE-2018-4399, CVE-2018-4400, CVE-2018-4401, CVE-2018-4402, CVE-2018-4403, CVE-2018-4406, CVE-2018-4407, CVE-2018-4408, CVE-2018-4410, CVE-2018-4411, CVE-2018-4412, CVE-2018-4413, CVE-2018-4415, CVE-2018-4417, CVE-2018-4418, CVE-2018-4419, CVE-2018-4420, CVE-2018-4422, CVE-2018-4423, CVE-2018-4424, CVE-2018-4425, CVE-2018-4426, CVE-2018-6797, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780
Date:  Oct 30 2018
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Root access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Apple macOS/OS X. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can cause denial of service conditions on the target system. A local user can gain system privileges on the target system. A remote user can obtain potentially sensitive information on the target system.

A remote attacker may be able to attack AFP servers through HTTP clients [CVE-2018-4295].

An application can trigger a memory corruption error in the AppleGraphicsControl component to execute arbitrary code with system privileges [CVE-2018-4410].

An application can trigger an input validation flaw in the AppleGraphicsControl component to read restricted memory [CVE-2018-4417].

An application can trigger a memory corruption error in the ATS component to gain elevated privileges [CVE-2018-4411].

An application can trigger a read-only memory flaw in the ATS component to read restricted memory [CVE-2018-4308].

An application can trigger a memory corruption error in the CFNetwork component to execute arbitrary code with system privileges [CVE-2018-4126].

An application can trigger a memory corruption error in the CoreAnimation component to execute arbitrary code with system privileges [CVE-2018-4415].

A local user can trigger a weakness in the Miller-Rabin primality test to identify prime numbers [CVE-2018-4398].

An application can trigger a memory corruption error in the CoreFoundation component to gain elevated privileges [CVE-2018-4412].

A remote user can replace the message content from the print server with arbitrary content [CVE-2018-4153].

A remote user in a privileged network position can conduct denial of service attacks using the CUPS protocol [CVE-2018-4406].

A remote user can trigger an input validation flaw in the Dictionary component to disclose user information [CVE-2018-4346].

An application can trigger a restricted file flaw in the Dock component [CVE-2018-4403].

A malicious application may be able to trigger a logic error in the dyld component to gain elevated privileges [CVE-2018-4423].

An application on EFI systems can gain read access via speculative side-channel analysis [CVE-2018-3639].

A local user can trigger a modification error in the EFI component [CVE-2018-4342].

A remote user can trigger an access control flaw in the Foundation component to cause denial of service conditions [CVE-2018-4304].

An application can trigger a memory corruption error in the Grand Central Dispatch component to execute arbitrary code with system privileges [CVE-2018-4426].

An application can trigger a memory corruption error in the Heimdal component to execute arbitrary code with system privileges [CVE-2018-4331].

A local user can exploit a flaw in the L1 data cache at the virtual machine entry to determine guest OS privilege [CVE-2018-3646].

An application can trigger a memory corruption error in the Hypervisor component to execute arbitrary code with kernel privileges [CVE-2018-4242].

A remote user can trigger a memory corruption error in the ICU component to trigger heap corruption [CVE-2018-4394].

An application can trigger a memory corruption error in the Intel Graphics Driver component to execute arbitrary code with system privileges [CVE-2018-4334].

An application can trigger an input validation flaw in the Intel Graphics Driver component to read restricted memory [CVE-2018-4396, CVE-2018-4418].

An application can trigger a memory corruption error in the Intel Graphics Driver component to execute arbitrary code with system privileges [CVE-2018-4350].

An application can trigger a memory corruption error in the IOGraphics component to execute arbitrary code with kernel privileges [CVE-2018-4422].

An application can trigger a memory corruption error in the IOHIDFamily component to execute arbitrary code with kernel privileges [CVE-2018-4408].

An application can trigger a memory corruption error in the IOKit component to execute arbitrary code with system privileges [CVE-2018-4402].

An application can trigger a memory corruption error in the IOKit component [CVE-2018-4341, CVE-2018-4354].

An application can trigger a memory corruption error in the IOUserEthernet component to execute arbitrary code with kernel privileges [CVE-2018-4401].

An application can trigger an out-of-bounds access control flaw in the IPSec component to gain elevated privileges [CVE-2018-4371].

An application can trigger a memory corruption error in the kernel component to execute arbitrary code with kernel privileges [CVE-2018-4420].

An application can trigger an access control error in the kernel component with privileged API calls [CVE-2018-4399].

An application can trigger a memory corruption error in the kernel component to execute arbitrary code with kernel privileges [CVE-2018-4340, CVE-2018-4419, CVE-2018-4425].

A remote user can trigger a memory corruption error in the kernel component to execute arbitrary code [CVE-2018-4259, CVE-2018-4286, CVE-2018-4287, CVE-2018-4288, CVE-2018-4291].

An application can trigger a memory handling error in the kernel component to read restricted memory [CVE-2018-4413].

An attacker in a privileged network position can trigger a memory corruption error in the kernel component [CVE-2018-4407].

An application can trigger a buffer overflow in the kernel component to execute arbitrary code with kernel privileges [CVE-2018-4424].

A local user can trigger a flaw in the Login Window component to cause denial of service conditions [CVE-2018-4348].

A remote user can process a specially crafted email message to lead to user interface spoofing [CVE-2018-4389].

An application can trigger a memory corruption error in the mDNSOffloadUserClient component to execute arbitrary code with kernel privileges [CVE-2018-4326].

An application can trigger a flaw in the MediaRemote component to bypass sandbox restrictions [CVE-2018-4310].

A local user can trigger an error in the Microcode component to perform speculative execution side-channel analysis [CVE-2018-3640].

A remote user can connect to a VPN server to cause DNS queries to be leaked to a DNS proxy [CVE-2018-4369].

A remote user can trigger a S/MIME flaw in the Security component to cause denial of service conditions [CVE-2018-4400].

A local user can trigger a flaw in the Security component to cause denial of service conditions [CVE-2018-4395].

An application can trigger a memory corruption error in the Spotlight component to execute arbitrary code with system privileges [CVE-2018-4393].

An application can trigger an access control flaw in the Symptom Framework component to read restricted memory [CVE-2018-4203].

A wireless user in a privileged network position can trigger a flaw in the WiFi component to cause denial of service conditions [CVE-2018-4368].

Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas F. Wenisch of University of Michigan, Mark Silberstein and Marina Minkin of Technion, Raoul Strackx, Jo Van Bulck, and Frank Piessens of KU Leuven, Rodrigo Branco, Henrique Kawakami, Ke Sun, and Kekai Hu of Intel Corporation, Yuval Yarom of The University of Adelaide, Brandon Azad, Brian Carpenter, Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative, CodeColorist of Ant-Financial LightYear Labs, Craig Young of Tripwire VERT,
Dr. Silvio Cesare of InfoSect, Dropbox Offensive Security Team, Theodor Ragnar Gislason of Syndis, Fabiano Anemone (@anoane), Ian Beer of Google Project Zero, Innokentiy Sennovskiy from BiZone LLC (bi.zone), Zdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (sysgo.com), Jann Horn (@tehjh) of Google Project Zero (GPZ), Ken Johnson of the Microsoft Security Response Center (MSRC), Jianjun Chen (@whucjj) from Tsinghua University and UC Berkeley, Juwei Lin (@panicaII) of TrendMicro Mobile Security Team,
Ken Gannon of MWR InfoSecurity and Christian Demko of MWR InfoSecurity, Kevin Backhouse of Semmle Ltd., Kevin Backhouse of Semmle and LGTM.com, Lee of the Information Security Lab Yonsei University working with Trend Micro's Zero Day Initiative, Liang Zhuo working with Beyond Security's SecuriTeam Secure Disclosure, Lufeng Li, Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum, Michael Hanselmann of hansmi.ch,
Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische Universität Darmstadt, Mohamed Ghannam (@_simo36), Patrick Wardle of Digita Security, Proteas of Qihoo 360 Nirvan Team, The UK's National Cyber Security Centre (NCSC), Tim Michaud (@TimGMichaud) of Leviathan Security Group, Timothy Perfitt of Twocanoes Software, Wojciech Reguła (@_r3ggi) of SecuRing, Yu Wang of Didi Research America, Yukinobu Nagayasu of LAC Co., Ltd., Zhuo Liang of Qihoo 360 Nirvan Team,
Zhuo Liang of Qihoo 360 Nirvan Team, cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative, jianan.huang (@Sevck), and lilang wu moony Li of Trend Micro working with Trend Micro's Zero Day Initiative reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can cause denial of service conditions.

A local user can obtain system privileges on the target system.

A remote user can obtain potentially sensitive information on the target system.

Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://support.apple.com/en-us/HT209193

Vendor URL:  support.apple.com/en-us/HT209193
Cause:   Access control error, Boundary error, Input validation error, State error

Message History:   None.

