Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Security Update 2009-003 / Mac OS X v10.5.8

Published: 2009-08-05
Last Updated: 2009-08-05 21:12:43 UTC
by donald smith (Version: 1)
1 comment(s)

Details of these will be posted here soon:
http://support.apple.com/kb/HT1222

Updates can be obtained here:
http://www.apple.com/support/downloads/

bzip2 CVE-ID: CVE-2008-1372
Application termination.

CFNetwork CVE-ID: CVE-2009-1723
Incorrect URL displayed after a redirect.

ColorSync CVE-ID: CVE-2009-1726
Arbitrary code execution or application termination.

CoreTypes CVE-ID: CVE-2009-1727
Risk of execution of malicious JavaScript.

CoreTypes CVE-ID: CVE-2009-1727
Physical access may allow application management while system is locked via the screen saver.

Image RAW CVE-ID: CVE-2009-1728
Arbitrary code execution or Application termination.

ImageIO CVE-ID: CVE-2009-1722, CVE-2009-1721, CVE-2009-1720, CVE-2009-2188
Arbitrary code execution or Application termination.

Kernel CVE-ID: CVE-2009-1235
Local privilege escalation.

launchd CVE-ID: CVE-2009-2190
DOS

Login Window CVE-ID: CVE-2009-2191
Arbitrary code execution or Application termination.

MobileMe CVE-ID: CVE-2009-2192
Local credential reuse after signing out.

Networking CVE-ID: CVE-2009-2193
Arbitrary code execution or Application termination.

Networking CVE-ID: CVE-2009-2194
DOS

XQuery CVE-ID: CVE-2008-0674
Arbitrary code execution.
 

Keywords: apple updates
1 comment(s)
Diary Archives