Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21029
HistoryDec 16, 2008 - 12:00 a.m.

US-CERT Technical Cyber Security Alert TA08-350A -- Apple Updates for Multiple Vulnerabilities

2008-12-1600:00:00
vulners.com
16
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                National Cyber Alert System

          Technical Cyber Security Alert TA08-350A

Apple Updates for Multiple Vulnerabilities

Original release date: December 15, 2008
Last revised: –
Source: US-CERT

Systems Affected

 * Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and 10.5.5 (Leopard)
 * Apple Mac OS X Server versions prior to and including 10.4.11 (Tiger) and 10.5.5 (Leopard)

Overview

Apple has released Security Update 2008-008 and Mac OS X version
10.5.6 to correct multiple vulnerabilities affecting Apple Mac OS X
and Mac OS X Server. Attackers could exploit these vulnerabilities
to execute arbitrary code, gain access to sensitive information, or
cause a denial of service.

I. Description

Apple Security Update 2008-008 and Apple Mac OS X version 10.5.6
address a number of vulnerabilities affecting Apple Mac OS X and
Mac OS X Server versions prior to and including 10.4.11 and 10.5.5.
The update also addresses vulnerabilities in other vendors'
products that ship with Apple Mac OS X or Mac OS X Server.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences
include arbitrary code execution, sensitive information disclosure,
denial of service, or privilege escalation.

III. Solution

Install Apple Security Update 2008-008 or Apple Mac OS X version
10.5.6. These and other updates are available via Software Update
or via Apple Downloads.

IV. References

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA08-350A.html>

Feedback can be directed to US-CERT Technical Staff. Please send
email to <[email protected]> with "TA08-350A Feedback VU#901332" in
the subject.

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html&gt;.

Produced 2008 by US-CERT, a government organization.

Terms of use:

 &lt;http://www.us-cert.gov/legal.html&gt;

Revision History

December 15, 2008: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSUbT5nIHljM+H4irAQLfMggAvH7VNoR3th5dBLhuq/f43ka1G5cecyAK
g4gucF6+frxTfsVz2FGbawFdD/sAxAb/CnASFIkbuHItPwI526uy8MjXOmi/kYm2
ESZgD8U0OBtb2mqQRfhURz9sF97yVFhvHAZS3VOOCH85d1R6dr4ncxIWMGn2cgon
Cjlll1WTx2BuMZO/AFn2UM7OooV9VVXtMht9D48X7i9bCWoU2W0mFSCHr+bJPE3d
fI8v9+kyCQnjB3R9J+eGxmFClXl9PeMxOvsjPh/bQ8PpmAYMCH1Qp7vaSjjqSlVE
ljRuyK8e6TIirse/RoK0YOwqBWudpgyJZvsV89ft9v55+a0l+2UlJw==
=yvkk
-----END PGP SIGNATURE-----

JSON