exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2014-06-30-2

Apple Security Advisory 2014-06-30-2
Posted Jul 1, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-06-30-2 - OS X Mavericks 10.9.4 and Security Update 2014-003 are now available and address application termination, code execution, sandbox circumvention, bypass, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, osx
advisories | CVE-2014-0015, CVE-2014-1317, CVE-2014-1355, CVE-2014-1356, CVE-2014-1357, CVE-2014-1358, CVE-2014-1359, CVE-2014-1361, CVE-2014-1370, CVE-2014-1371, CVE-2014-1372, CVE-2014-1373, CVE-2014-1375, CVE-2014-1376, CVE-2014-1377, CVE-2014-1378, CVE-2014-1379, CVE-2014-1380, CVE-2014-1381
SHA-256 | 04175ba9d75c6817a330078bf668fd8c21fb546a488235f12c20d2f985c67216

Apple Security Advisory 2014-06-30-2

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update
2014-003

OS X Mavericks 10.9.4 and Security Update 2014-003 are now available
and address the following:

Certificate Trust Policy
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3
Impact: Update to the certificate trust policy
Description: The certificate trust policy was updated. The complete
list of certificates may be viewed at
http://support.apple.com/kb/HT6005.

copyfile
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3
Impact: Opening a maliciously crafted zip file may lead to an
unexpected application termination or arbitrary code execution
Description: An out of bounds byte swapping issue existed in the
handling of AppleDouble files in zip archives. This issue was
addressed through improved bounds checking.
CVE-ID
CVE-2014-1370 : Chaitanya (SegFault) working with iDefense VCP

curl
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A remote attacker may be able to gain access to another
user's session
Description: cURL re-used NTLM connections when more than one
authentication method was enabled, which allowed an attacker to gain
access to another user's session.
CVE-ID
CVE-2014-0015

Dock
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3
Impact: A sandboxed application may be able to circumvent sandbox
restrictions
Description: An unvalidated array index issue existed in the
Dock's handling of messages from applications. A maliciously
crafted message could cause an invalid function pointer to be
dereferenced, which could lead to an unexpected application
termination or arbitrary code execution.
CVE-ID
CVE-2014-1371 : an anonymous researcher working with HP's Zero Day
Initiative

Graphics Driver
Available for: OS X Mountain Lion v10.8.5,
OS X Mavericks 10.9 to 10.9.3
Impact: A local user can read kernel memory, which can be used to
bypass kernel address space layout randomization
Description: An out-of-bounds read issue existed in the handling of
a system call. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2014-1372 : Ian Beer of Google Project Zero

iBooks Commerce
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: An attacker with access to a system may be able to recover
Apple ID credentials
Description: An issue existed in the handling of iBooks logs. The
iBooks process could log Apple ID credentials in the iBooks log where
other users of the system could read it. This issue was addressed by
disallowing logging of credentials.
CVE-ID
CVE-2014-1317 : Steve Dunham

Intel Graphics Driver
Available for: OS X Mountain Lion v10.8.5,
OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A validation issue existed in the handling of an OpenGL
API call. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1373 : Ian Beer of Google Project Zero

Intel Graphics Driver
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A local user can read a kernel pointer, which can be used to
bypass kernel address space layout randomization
Description: A kernel pointer stored in an IOKit object could be
retrieved from userland. This issue was addressed by removing the
pointer from the object.
CVE-ID
CVE-2014-1375

Intel Compute
Available for: OS X Mountain Lion v10.8.5,
OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A validation issue existed in the handling of an OpenCL
API call. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1376 : Ian Beer of Google Project Zero

IOAcceleratorFamily
Available for: OS X Mountain Lion v10.8.5,
OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: An array indexing issue existed in IOAcceleratorFamily.
This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1377 : Ian Beer of Google Project Zero

IOGraphicsFamily
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A local user can read a kernel pointer, which can be used to
bypass kernel address space layout randomization
Description: A kernel pointer stored in an IOKit object could be
retrieved from userland. This issue was addressed by using a unique
ID instead of a pointer.
CVE-ID
CVE-2014-1378

IOReporting
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A local user could cause an unexpected system restart
Description: A null pointer dereference existed in the handling of
IOKit API arguments. This issue was addressed through additional
validation of IOKit API arguments.
CVE-ID
CVE-2014-1355 : cunzhang from Adlab of Venustech

launchd
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: An integer underflow existed in launchd. This issue was
addressed through improved bounds checking.
CVE-ID
CVE-2014-1359 : Ian Beer of Google Project Zero

launchd
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A heap buffer overflow existed in launchd's handling of
IPC messages. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2014-1356 : Ian Beer of Google Project Zero

launchd
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A heap buffer overflow existed in launchd's handling of
log messages. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2014-1357 : Ian Beer of Google Project Zero

launchd
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: An integer overflow existed in launchd. This issue was
addressed through improved bounds checking.
CVE-ID
CVE-2014-1358 : Ian Beer of Google Project Zero

Graphics Drivers
Available for: OS X Mountain Lion v10.8.5,
OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: Multiple null dereference issues existed in kernel
graphics drivers. A maliciously crafted 32-bit executable may have
been able to obtain elevated privileges.
CVE-ID
CVE-2014-1379 : Ian Beer of Google Project Zero

Security - Keychain
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: An attacker may be able to type into windows under the
screen lock
Description: Under rare circumstances, the screen lock did not
intercept keystrokes. This could have allowed an attacker to type
into windows under the screen lock. This issue was addressed through
improved keystroke observer management.
CVE-ID
CVE-2014-1380 : Ben Langfeld of Mojo Lingo LLC

Security - Secure Transport
Available for: OS X Mountain Lion v10.8.5,
OS X Mavericks 10.9 to 10.9.3
Impact: Two bytes of memory could be disclosed to a remote attacker
Description: An uninitialized memory access issue existing in the
handling of DTLS messages in a TLS connection. This issue was
addressed by only accepting DTLS messages in a DTLS connection.
CVE-ID
CVE-2014-1361 : Thijs Alkemade of The Adium Project

Thunderbolt
Available for: OS X Mavericks 10.9 to 10.9.3
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: An out of bounds memory access issue existed in the
handling of IOThunderBoltController API calls. This issue was
addressed through improved bounds checking.
CVE-ID
CVE-2014-1381 : Catherine aka winocm

Note: OS X Mavericks 10.9.4 includes the security content of
Safari 7.0.5: http://support.apple.com/kb/HT6293

OS X Mavericks v10.9.4 and Security Update 2014-003 may be obtained
from the Mac App Store or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTsaMSAAoJEBcWfLTuOo7tUdIP/0x0EEGzOcen6JGSpYJ4OEkN
6yGYrYW+HxxSGoPEjQdywVHUAu3axXHLhwOaPqMRy6vfWD+ncgV1CEjBuKotyDPX
a569ZB6kaDKjrJe8ulp6brteKGEJ5PsK415GKpylzTVhP1DYG3WLRK7PCo0VrSNM
Kx3qwxp2OexiNOOGDM8o5CQvB12Q7CZD7ozZojy5BND9/+ZwWD/2caILFRye7yvb
nak6PaciX9Riz0ztTxszlGJR1mDVG4Mo/qmgBI01E5WfOWTd/ykbJ/bOtwZDUBHr
Q/Z4yfPRUdrTHHZQNpo4aIYnyEekKE77RWdav38O6dXCNYAfxKGUOrYDTrAajpDR
uqAPSkyI5u1gz6zqyrXomDlxpjKXIDBYck3If1cPjFyHOxgA1JgyRaW6RxNV+HXo
T/dhKkolC6BkCkNWPjYEXH8btOdqHAVY0t0yE/RD5phoknDIEmVDTFg1uAaY9jFR
1srSoAOur3zbTNzgh6FpAzJb2BgmUqERyF3rOwLDAgStYNkXwIEqGiq3+Ko9JBx4
FiT+Uds2WEIzDK5DQhYtwDZaLfjDtBztIps+SfJmLayCgvYyYrQze7LF0iVp4aka
ePNXZkIXA7Llnm3GWPpdFi2msqDfJgZxf0BogBOo6mCXYO7r575NdoJ2AavDeTgr
+/tiYIHJ5pUCKf+C8xJC
=HkFr
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close