Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable802004.PRM
HistoryAug 23, 2016 - 12:00 a.m.

macOS < 10.11.5 Multiple Vulnerabilities

2016-08-2300:00:00
Tenable
www.tenable.com
16

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.096

Percentile

94.9%

JSON

The specific version of Mac OS X that the system is running is reportedly affected by the following vulnerabilities:

  • Apple Mac OS X contains a use-after-free error in the WindowServer process that is triggered when handling CFData objects in memory. This may allow a local attacker to dereference already freed memory and gain elevated privileges. (CVE-2016-1804)

  • Apple Mac OS X contains an array indexing flaw in the blit3d_submit_commands() function within the IOAcceleratorFamily component. This may allow a local attacker to corrupt memory and potentially execute arbitrary code with kernel privileges. (CVE-2016-1815)

  • Multiple Apple products contains a flaw as HTTP and HTTPS requests are not properly handled. This may allow an attacker with the ability to intercept network traffic (e.g. MitM, DNS cache poisoning) to disclose transmitted data. (CVE-2016-1801)

  • Multiple Apple products contain a flaw that is triggered when handling return values related to key lengths in CommonCrypto (CCCrypt). This may allow a local attacker to gain unauthorized access to sensitive user information. (CVE-2016-1802)

  • Multiple Apple products contain a NULL pointer dereference flaw in CoreCapture that is triggered as input is not properly validated. This may allow a local attacker to cause a crash or potentially execute arbitrary code with kernel privileges. (CVE-2016-1803)

  • Multiple Apple products contain a flaw related to disk images that is triggered by a race condition related to locking. This may allow a local attacker to gain unauthorized access to kernel memory information. (CVE-2016-1807)

  • Multiple Apple products contain a flaw that is triggered as user-supplied input is not properly validated when handling disk images. This may allow a local attacker to corrupt memory to cause a denial of service or potentially execute arbitrary code. (CVE-2016-1808)

  • Multiple Apple products contain a NULL pointer dereference flaw in ImageIO that is triggered when handling a specially crafted image. This may allow a context-dependent attacker to cause a denial of service. (CVE-2016-1811)

  • Multiple Apple products contain an overflow condition in the IOAcceleratorFamily component that is triggered as user-supplied input is not properly validated. This may allow a local attacker to cause a buffer overflow and potentially execute arbitrary code with kernel privileges. (CVE-2016-1817)

  • Multiple Apple products contains a flaw in the IOAcceleratorFamily component that is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and potentially execute arbitrary code with kernel privileges. (CVE-2016-1818)

  • Multiple Apple products contain a use-after-free condition in the IOAcceleratorFamily component that is triggered as user-supplied input is not properly validated. This may allow a local attacker to dereference already freed memory and potentially execute arbitrary code with kernel privileges. (CVE-2016-1819)

  • Multiple Apple products contain a NULL pointer dereference in IOAcceleratorFamily related to improper locking. This may allow a local attacker to cause a denial of service. (CVE-2016-1814)

  • Multiple Apple products contain a NULL pointer dereference in the IOAccelSharedUserClient2::page_off_resource() function that is triggered as user-supplied input is not properly sanitized. This may allow a local attacker to cause a crash or potentially execute arbitrary code with kernel privileges. (CVE-2016-1813)

  • Multiple Apple products contains an out-of-bounds access flaw in the IOHIDFamily component that is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and potentially execute arbitrary code with kernel privileges. (CVE-2016-1823)

  • Multiple Apple products contains a flaw in the IOHIDFamily component. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory to cause a denial of service or potentially execute arbitrary code with kernel privileges. (CVE-2016-1824)

  • Multiple Apple products contain a flaw in the kernel. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code with kernel privileges. (CVE-2016-1827, CVE-2016-1828, CVE-2016-1829, CVE-2016-1830, CVE-2016-1831)

  • Multiple Apple products contains a flaw in libc. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-1832)

  • Libxml2 contains an overflow condition in the xmlStrncatNew() function of xmlstring.c . The issue is triggered as user-supplied input is not properly validated when handling a string with a NULL. With a specially crafted file, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2016-1834)

  • Libxml2 contains a use-after-free error in the xmlParseStartTag2() function of parser.c. The issue is triggered when parsing complex names. With a specially crafted file, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1835)

  • Libxml2 contains a use-after-free error in the xmlParseNCNameComplex() function of parser.c. The issue is triggered when parsing complex names. With a specially crafted file, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1836)

  • Libxml2 contains an overflow condition in the htmlParseSystemLiteral() and htmlParsePubidLiteral() functions of HTMLparser.c. The issue is triggered as user-supplied input is not properly validated when parsing characters in a range. With a specially crafted file, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2016-1837)

  • Libxml2 contains an overflow condition in the xmlFAParseCharRange() function of xmlregexp.c. The issue is triggered as user-supplied input is not properly validated when parsing characters in a range. With a specially crafted file, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2016-1840)

  • Multiple Apple products contains a flaw in libxslt. The issue is triggered as user-supplied input is not properly validated when handling a specially crafted website. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1841)

  • Multiple Apple products contain a flaw in MapKit that is triggered as shared links are transferred insecurely over HTTP. This may potentially allow a man-in-the-middle attacker to gain unauthorized access to sensitive information in these links. (CVE-2016-1842)

  • Multiple Apple products contains a flaw in the OpenGL component. The issue is triggered as user-supplied input is not properly validated when handling specially crafted web content. This may allow a context-dependent attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-1847)

  • Apple Mac OS X contains a flaw in the AMD component. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and potentially execute arbitrary code with kernel privileges. (CVE-2016-1792)

  • Apple Mac OS X contains a flaw in the AMD component. The issue is triggered as bounds are not properly checked. This may allow a local attacker to determine kernel memory layout. (CVE-2016-1791)

  • Apple Mac OS X contains a NULL pointer dereference flaw in the AppleGraphicsControl component that is triggered as user-supplied input is not properly validated. This may allow a local attacker to cause a crash or potentially execute arbitrary code with kernel privileges. (CVE-2016-1793)

  • Apple Mac OS X contains a NULL pointer dereference flaw in the AppleGraphicsControlClient::checkArguments() function in AppleMuxControl.kext that is triggered as user-supplied input is not properly validated. This may allow a local attacker to cause a crash or potentially execute arbitrary code with kernel privileges. (CVE-2016-1794)

  • Apple Mac OS X contains a flaw in the AppleGraphicsPowerManagement component. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and potentially execute arbitrary code with kernel privileges. (CVE-2016-1795)

  • Apple Mac OS X contains an out-of-bounds read flaw in the ATS component. This may allow a local attacker to potentially disclose kernel memory layout. (CVE-2016-1796)

  • Apple Mac OS X contains a flaw in the ATS component that is triggered the sandbox policy is not properly implemented for FontValidator. This may allow a local attacker to potentially execute arbitrary code with system privileges. (CVE-2016-1797)

  • Apple Mac OS X contains a NULL pointer dereference flaw in the Audio component that is triggered as user-supplied input is not properly validated. This may allow a local attacker to cause a denial of service. (CVE-2016-1798)

  • Apple Mac OS X contains a flaw in the Audio component. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and potentially execute arbitrary code with kernel privileges. (CVE-2016-1799)

  • Apple Mac OS X contains a flaw in the Captive Network Assistant component that is triggered as URL schemes are not properly validated. This may allow a user-assisted, man-in-the-middle attacker to potentially execute arbitrary code. (CVE-2016-1800)

  • Apple Mac OS X contains an unspecified configuration flaw in the CoreStorage component. This may allow a local attacker to potentially execute arbitrary code with kernel privileges. (CVE-2016-1805)

  • Apple Mac OS X contains a flaw in the Crash Reporter component (com.apple.SubmitDiagInfo) that is triggered when handling user-supplied paths when creating directories. This may allow a local attacker to execute arbitrary code with root privileges. (CVE-2016-1806)

  • Apple Mac OS X contains a flaw in the Disk Utility component that is triggered as the incorrect keys were used to encrypt disk images. This may result in disk images not being properly compressed and encrypted. (CVE-2016-1809)

  • Apple Mac OS X contains a NULL pointer dereference flaw in the ImageIO component that is triggered when handling a specially crafted image. This may allow a context-dependent attacker to cause a denial of service. (CVE-2016-1810)

  • Apple Mac OS X contains an overflow condition in the Intel Graphics Driver component. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code with kernel privileges. (CVE-2016-1812)

  • Apple Mac OS X contains a NULL pointer dereference in IOAcceleratorFamily that is triggered as user-supplied input is not properly sanitized. This may allow a local attacker to execute arbitrary code with kernel privileges. (CVE-2016-1816)

  • Apple Mac OS X contains an overflow condition in the IOAudioFamily component. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code with kernel privileges. (CVE-2016-1820)

  • Apple Mac OS X contains a NULL pointer dereference in the IOAudioFamily component. This may allow a local attacker to cause a crash or potentially execute arbitrary code with kernel privileges. (CVE-2016-1821)

  • Apple Mac OS X contains a flaw in the IOFireWireFamily component. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code with kernel privileges. (CVE-2016-1822)

  • Apple Mac OS X contains multiple flaws in the IOHIDFamily component. These issues are triggered as user-supplied input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code with kernel privileges. (CVE-2016-1825)

  • Apple Mac OS X contains an integer overflow condition in its dtrace implementation. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to execute arbitrary code with kernel privileges. (CVE-2016-1826)

  • Apple Mac OS X contains a flaw in the Messages component that is triggered by a failure to properly validate roster changes. This may allow an authenticated remote attacker, or a malicious server, to manipulate another user’s contact list. (CVE-2016-1844)

  • Apple Mac OS X contains a flaw in the Messages component that is triggered by an encoding issue in filename parsing. This may allow a remote attacker to gain unauthorized access to potentially sensitive user information. (CVE-2016-1843)

  • Apple Mac OS X contains a NULL pointer dereference flaw in the nvCommandQueue::GetHandleIndex() function in the NVIDIA Graphics Driver (GeForce.kext). This may allow a local attacker to cause a crash or potentially execute arbitrary code with kernel privileges. (CVE-2016-1846)

  • Apple Mac OS X contains a flaw in the QuickTime component. The issue is triggered as user-supplied input is not properly validated when handling a specially crafted file. This may allow a context-dependent attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-1848)

  • Apple Mac OS X contains a flaw in the SceneKit component. The issue is triggered as user-supplied input is not properly validated when handling a specially crafted file. This may allow a context-dependent attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-1850)

  • Apple Mac OS X contains a flaw in the management of password profiles. This may allow a physically present attacker to bypass the screen lock and reset an expired password. (CVE-2016-1851)

  • Apple Mac OS X contains a flaw in the Tcl component related to the usage of SSLv2. This may potentially allow an attacker with the ability to intercept network traffic (e.g. MitM, DNS cache poisoning) to disclose transmitted data. (CVE-2016-1853)

  • Apple Mac OS X contains an overflow condition in the NVIDIA Graphics Driver (GeForce.kext). This may allow a local attacker to cause a stack-based buffer overflow and potentially execute arbitrary code with kernel privileges. (CVE-2016-1861)

  • No description supplied (CVE-2016-1833, CVE-2016-1839, CVE-2016-1815, CVE-2016-1804)

Binary data 802004.prm

References

Related

apple 8
nessus 19
openvas 18
prion 25
cvelist 30
cve 27
nvd 26
archlinux 1
suse 4
ibm 7
freebsd 1
redhat 1
amazon 1
altlinux 3
centos 1
oraclelinux 1
fedora 2
mageia 1
debian 3
cloudfoundry 1
osv 1
symantec 1
ubuntu 1
filippoio 2
seebug 1
talos 1
zdi 4
zdt 5
exploitpack 1
exploitdb 2
apple
apple
About the security content of watchOS 2.2.1
2016-05-16 00:00:00
About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003 - Apple Support
2017-01-23 03:54:39
About the security content of watchOS 2.2.1 - Apple Support
2017-01-23 03:54:39
nessus
nessus
Mac OS X 10.11.x < 10.11.5 Multiple Vulnerabilities
2016-05-19 00:00:00
Mac OS X 10.9.5 / 10.10.5 Multiple Vulnerabilities (Security Update 2016-003)
2016-05-19 00:00:00
Apple TV < 9.2.1 Multiple Vulnerabilities
2016-05-24 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 (Nov 2016)
2016-11-22 00:00:00
openSUSE: Security Advisory for libxml2 (openSUSE-SU-2016:1594-1)
2016-06-17 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-719)
2016-10-26 00:00:00
prion
prion
Memory corruption
2016-05-20 10:59:00
Memory corruption
2016-05-20 10:59:00
Memory corruption
2016-05-20 10:59:00
cvelist
cvelist
CVE-2016-1828
2016-05-20 10:00:00
CVE-2016-1830
2016-05-20 10:00:00
CVE-2016-1829
2016-05-20 10:00:00
cve
cve
CVE-2016-1829
2016-05-20 10:59:42
CVE-2016-1828
2016-05-20 10:59:41
CVE-2016-1827
2016-05-20 10:59:40
nvd
nvd
CVE-2016-1827
2016-05-20 10:59:40
CVE-2016-1828
2016-05-20 10:59:41
CVE-2016-1829
2016-05-20 10:59:42
archlinux
archlinux
libxml2: multiple issues
2016-05-26 00:00:00
suse
suse
Security update for libxml2 (important)
2016-06-16 13:08:21
Security update for libxml2 (important)
2016-06-16 13:10:48
Security update for libxml2 (important)
2016-06-09 18:07:56
ibm
ibm
Security Bulletin: Multiple vulnerabilities in XMLsoft Libxml2 and OpenSSL affect IBM Netezza Analytics
2019-10-18 03:10:29
Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Security Network Protection
2018-06-16 21:44:27
Security Bulletin: Libxml2 vulnerabilities affect IBM SmartCloud Entry
2020-07-19 00:49:12
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2016-05-23 00:00:00
redhat
redhat
(RHSA-2016:1292) Important: libxml2 security update
2016-06-23 08:21:08
amazon
amazon
Important: libxml2
2016-07-14 16:30:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libxml2 version 1:2.9.4.0.12.e905-alt1
2017-03-07 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1
2017-03-03 00:00:00
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.4.0.12.e905-alt1
2017-03-03 00:00:00
centos
centos
libxml2 security update
2016-06-23 15:28:21
oraclelinux
oraclelinux
libxml2 security update
2016-06-23 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: libxml2-2.9.4-2.fc25
2017-04-19 09:32:17
[SECURITY] Fedora 24 Update: libxml2-2.9.4-2.fc24
2017-04-19 07:53:28
mageia
mageia
Updated libxml2 packages fix security vulnerability
2016-07-27 00:59:16
debian
debian
[SECURITY] [DSA 3593-1] libxml2 security update
2016-06-02 20:28:31
[SECURITY] [DSA 3593-1] libxml2 security update
2016-06-02 20:28:31
[SECURITY] [DLA 503-1] libxml2 security update
2016-06-03 19:22:01
cloudfoundry
cloudfoundry
USN-2994-1 libxml2 vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
osv
osv
python-libxml2-2.9.4-1.4 on GA media
2024-06-15 00:00:00
symantec
symantec
SA129 : Multiple libxml2 Vulnerabilities
2016-09-01 08:00:00
ubuntu
ubuntu
libxml2 vulnerabilities
2016-06-06 00:00:00
filippoio
filippoio
A secure captive portal browser with automatic DNS detection
2017-09-16 14:47:47
A secure captive portal browser with automatic DNS detection
2017-09-16 14:47:47
seebug
seebug
Apple OS X Scene Kit DAE XML Code Execution Vulnerability(CVE-2016-1850)
2017-10-17 00:00:00
talos
talos
Apple OS X Scene Kit DAE XML Code Execution Vulnerability
2016-07-18 00:00:00
zdi
zdi
Apple OS X IOKit CoreCaptureResponder Privilege Escalation Vulnerability
2016-05-19 00:00:00
Apple OS X DTrace Privilege Escalation Vulnerability
2016-05-19 00:00:00
Apple OS X IOAcceleratorFamily2 Buffer Overflow Privilege Escalation Vulnerability
2016-05-19 00:00:00
zdt
zdt
Apple Mac OSX - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return
2016-06-10 00:00:00
Apple OS X Yosemite - flow_divert-heap-overflow Kernel Panic Exploit
2018-03-03 00:00:00
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeF
2016-06-10 00:00:00
exploitpack
exploitpack
Apple OS X Yosemite - flow_divert-heap-overflow Kernel Panic
2017-01-10 00:00:00
exploitdb
exploitdb
Apple OS X Yosemite - &#039;flow_divert-heap-overflow&#039; Kernel Panic
2017-01-10 00:00:00
Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
2016-06-10 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.096

Percentile

94.9%

JSON
Related for 802004.PRM
apple8nessus19openvas18prion25cvelist30cve27nvd26archlinux1suse4ibm7freebsd1redhat1amazon1altlinux3centos1oraclelinux1fedora2mageia1debian3cloudfoundry1osv1symantec1ubuntu1filippoio2seebug1talos1zdi4zdt5exploitpack1exploitdb2