Skip Ribbon Commands
Skip to main content
Computer Security Incident Response Team of Mauritius (CERT-MU)

VN-2017-128


Apple MacOS/OS X Multiple Flaws
Severity Rating: High
Systems Affected:
  • Apple MacOS/OS X  versions prior to 10.13
Description
Multiple vulnerabilities were reported in Apple MacOS/OS X and can be exploited by remote attackers to cause denial of service conditions, execute arbitrary code with elevated privileges, obtain potentially sensitive information from system memory, obtain elevated privileges on the target system and bypass security restrictions on the target system.
 
·         The system may not properly enforce a firewall setting for a previously denied application.
 
·         An application can trigger a memory handling error in the AppSandbox component to cause denial of service conditions.
 
·         A local user may send a password unencrypted via the network due to a flaw in the Captive Network Assistant component.
 
·         A remote user in a privileged network position can trigger a memory handling error in the CFNetwork Proxies component to cause denial of service conditions.
 
·         An application can trigger an out-of-bounds memory read error in the CoreAudio component to read restricted memory.
 
·         A local user can trigger an access control flaw in the Directory Utility component to ?determine the Apple ID of the owner of the target system.
 
·         The KDC-REP service uses the plain text service name supplied in a ticket without authenticating the value. A remote user that can conduct a man-in-the-middle attack can bypass Kerberos mutual authentication.
 
·         An application can trigger a memory corruption error in the IOFireWireFamily component to execute arbitrary code with system privileges.
 
·         An application can trigger a input validation flaw in the IOFireWireFamily component to read restricted memory.
 
·         An application can trigger a memory corruption error in the the kernel component to execute arbitrary code with kernel privileges.
 
·         A remote user can trigger a glob memory error in the libc component to consume excessive system resources and cause denial of service conditions.
 
·         The system does not properly enforce the "Load remote content in messages" settings. A remote user sending email to the target user can determine the target user's IP address.
 
·         A remote user a privileged network position can obtain the contents of mail drafts.
 
·         A physically local user can view Application Firewall prompts when the Screen Lock is engaged.
 
·         A certificate validation error may occur in the Security component, causing a revoked certificate to be trusted.
 
·         Unspecified flaws may exist in the SQLite component.
 
·         An application can trigger a memory corruption error in the SQLite component to execute arbitrary code with system privileges.
 
·         A remote user can exploit a cookie permissions flaw to tract users in Safari private browsing mode.
 
Solution
Users are advised to apply updates.
More information about the update is available on:
 
CVE Information
 
List of other CVE Information is available on:
 
Vendor Information
Apple
 
References
Security Tracker
 
Apple Security
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis