Serious Tennis 1.0 Mac OS
John Patrick McEnroe Jr. (born February 16, 1959) is a former professional American tennis player. He was known for his shot-making and volleying skills, in addition to confrontational on-court behavior that frequently landed him in trouble with umpires and tennis authorities. To the surprise of many, given their very long-standing PC-only product line, Sound Forge Pro Mac is with us now. While it bears some visual similarities to Sound Forge on the PC, Sony are at pains to point out that this is not a port: Sound Forge Pro Mac 1.0 has been built from scratch for OS X.
This document describes the security content of OS X Lion v10.7.3 and Security Update 2012-001, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see 'How to use the Apple Product Security PGP Key.'
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see 'Apple Security Updates'.
OS X Lion v10.7.3 and Security Update 2012-001
Address Book
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: An attacker in a privileged network position may intercept CardDAV data
Description: Address Book supports Secure Sockets Layer (SSL) for accessing CardDAV. A downgrade issue caused Address Book to attempt an unencrypted connection if an encrypted connection failed. An attacker in a privileged network position could abuse this behavior to intercept CardDAV data. This issue is addressed by not downgrading to an unencrypted connection without user approval.
CVE-ID
CVE-2011-3444 : Bernard Desruisseaux of Oracle Corporation
Apache
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Multiple vulnerabilities in Apache
Description: Apache is updated to version 2.2.21 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/
CVE-ID
CVE-2011-3348
Apache
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Apache disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by providing a configuration parameter to control the countermeasure and enabling it by default.
CVE-ID
CVE-2011-3389
ATS
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Opening a maliciously crafted font in Font Book may lead to an unexpected application termination or arbitrary code execution
Description: A memory management issue existed in ATS' handling ofs handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2011-3447 : Erling Ellingsen of Facebook
ColorSync
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. This issue does not affect OS X Lion systems.
CVE-ID
CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative
CoreAudio
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Playing maliciously crafted audio content may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of AAC encoded audio streams. This issue does not affect OS X Lion systems.
CVE-ID
CVE-2011-3252 : Luigi Auriemma working with TippingPoint's Zero Day Initiative
CoreMedia
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in CoreMedia's handling of H.264 encoded movie files.
CVE-ID
CVE-2011-3448 : Scott Stender of iSEC Partners
CoreText
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue existed in the handling of font files.
CVE-ID
CVE-2011-3449 : Will Dormann of the CERT/CC
CoreUI
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution
Description: An unbounded stack allocation issue existed in the handling of long URLs. This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2011-3450 : Ben Syverson
curl
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: A remote server may be able to impersonate clients via GSSAPI requests
Description: When doing GSSAPI authentication, libcurl unconditionally performs credential delegation. This issue is addressed by disabling GSSAPI credential delegation.
CVE-ID
CVE-2011-2192
Data Security
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information
Description: Two certificate authorities in the list of trusted root certificates have independently issued intermediate certificates to DigiCert Malaysia. DigiCert Malaysia has issued certificates with weak keys that it is unable to revoke. An attacker with a privileged network position could intercept user credentials or other sensitive information intended for a site with a certificate issued by DigiCert Malaysia. This issue is addressed by configuring default system trust settings so that DigiCert Malaysia's certificates are not trusted. We would like to acknowledge Bruce Morton of Entrust, Inc. for reporting this issue.
dovecot
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Dovecot disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling the countermeasure.
CVE-ID
CVE-2011-3389 : Apple
filecmds
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Decompressing a maliciously crafted compressed file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the 'uncompress' command line tool.
CVE-ID
CVE-2011-2895
ImageIO
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue is addressed by updating libtiff to version 3.9.5.
CVE-ID
CVE-2011-1167
ImageIO
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Multiple vulnerabilities in libpng 1.5.4
Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html
CVE-ID
CVE-2011-3328
Internet Sharing
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: A Wi-Fi network created by Internet Sharing may lose security settings after a system update
Description: After updating to a version of OS X Lion prior to 10.7.3, the Wi-Fi configuration used by Internet Sharing may revert to factory defaults, which disables the WEP password. This issue only affects systems with Internet Sharing enabled and sharing the connection to Wi-Fi. This issue is addressed by preserving the Wi-Fi configuration during a system update.
CVE-ID
CVE-2011-3452 : an anonymous researcher
Libinfo
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information
Description: An issue existed in Libinfo's handling of hostname lookup requests. Libinfo could return incorrect results for a maliciously crafted hostname. This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2011-3441 : Erling Ellingsen of Facebook
libresolv
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Applications that use OS X's libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution
Description: An integer overflow existed in the parsing of DNS resource records, which may lead to heap memory corruption.
CVE-ID
CVE-2011-3453 : Ilja van Sprundel of IOActive
libsecurity
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Some EV certificates may be trusted even if the corresponding root has been marked as untrusted
Description: The certificate code trusted a root certificate to sign EV certificates if it was on the list of known EV issuers, even if the user had marked it as 'Never Trust' in Keychain. The root would not be trusted to sign non-EV certificates.
CVE-ID
CVE-2011-3422 : Alastair Houghton
Serious Tennis 1.0 Mac Os 7
OpenGL
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of GLSL compilation.
CVE-ID
CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team
PHP
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Multiple vulnerabilities in PHP 5.3.6
Description: PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at http://www.php.net
CVE-ID
CVE-2011-1148
CVE-2011-1657
CVE-2011-1938
CVE-2011-2202
CVE-2011-2483
CVE-2011-3182
CVE-2011-3189
CVE-2011-3267
CVE-2011-3268
PHP
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.7. Further information is available via the FreeType site at http://www.freetype.org/
CVE-ID
CVE-2011-3256 : Apple
PHP
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Multiple vulnerabilities in libpng 1.5.4
Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html
CVE-ID
CVE-2011-3328
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue existed in the handling of MP4 encoded files.
CVE-ID
CVE-2011-3458 : Luigi Auriemma and pa_kt both working with TippingPoint's Zero Day Initiative
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A signedness issue existed in the handling of font tables embedded in QuickTime movie files.
CVE-ID
CVE-2011-3248 : Luigi Auriemma working with TippingPoint's Zero Day Initiative
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files.
CVE-ID
CVE-2011-3459 : Luigi Auriemma working with TippingPoint's Zero Day Initiative
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted JPEG2000 image file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of JPEG2000 files.
CVE-ID
CVE-2011-3250 : Luigi Auriemma working with TippingPoint's Zero Day Initiative
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of PNG files.
CVE-ID
CVE-2011-3460 : Luigi Auriemma working with TippingPoint's Zero Day Initiative
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of FLC encoded movie files
CVE-ID
CVE-2011-3249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
SquirrelMail
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Multiple vulnerabilities in SquirrelMail
Description: SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at http://www.SquirrelMail.org/
CVE-ID
CVE-2010-1637
CVE-2010-2813
CVE-2010-4554
CVE-2010-4555
CVE-2011-2023
Subversion
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Accessing a Subversion repository may lead to the disclosure of sensitive information
Description: Subversion is updated to version 1.6.17 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Further information is available via the Subversion web site at http://subversion.apache.org/
CVE-ID
CVE-2011-1752
CVE-2011-1783
CVE-2011-1921
Time Machine
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: A remote attacker may access new backups created by the user's system
Description: The user may designate a remote AFP volume or Time Capsule to be used for Time Machine backups. Time Machine did not verify that the same device was being used for subsequent backup operations. An attacker who is able to spoof the remote volume could gain access to new backups created by the user's system. This issue is addressed by verifying the unique identifier associated with a disk for backup operations.
CVE-ID
CVE-2011-3462 : Michael Roitzsch of the Technische Universität Dresden
Tomcat
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Multiple vulnerabilities in Tomcat 6.0.32
Description: Tomcat is updated to version 6.0.33 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at http://tomcat.apache.org/
CVE-ID
CVE-2011-2204
WebDAV Sharing
Available for: OS X Lion Server v10.7 to v10.7.2
Impact: Local users may obtain system privileges
Description: An issue existed in WebDAV Sharing's handling of user authentication. A user with a valid account on the server or one of its bound directories could cause the execution of arbitrary code with system privileges. This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2011-3463 : Gordon Davisson of Crywolf
Webmail
Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted e-mail message may lead to the disclosure of message content
Description: A cross-site scripting vulnerability existed in the handling of mail messages. This issue is addressed by updating Roundcube Webmail to version 0.6. This issue does not affect systems prior to OS X Lion. Further information is available via the Roundcube site at http://trac.roundcube.net/
CVE-ID
CVE-2011-2937
X11
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2
Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.7. Further information is available via the FreeType site at http://www.freetype.org/
CVE-ID
CVE-2011-3256 : Apple
This document describes the security content of OS X Mountain Lion v10.8.2, OS X Lion v10.7.5, and Security Update 2012-004.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see 'How to use the Apple Product Security PGP Key.'
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see 'Apple Security Updates'.
OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004
Note: OS X Mountain Lion v10.8.2 includes the content of Safari 6.0.1. For further details see About the security content of Safari 6.0.1.
Apache
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Multiple vulnerabilities in Apache
Description: Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3368
CVE-2011-3607
CVE-2011-4317
CVE-2012-0021
CVE-2012-0031
CVE-2012-0053
BIND
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: A remote attacker may be able to cause a denial of service in systems configured to run BIND as a DNS nameserver
Description: A reachable assertion issue existed in the handling of DNS records. This issue was addressed by updating to BIND 9.7.6-P1. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-4313
BIND
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1
Impact: A remote attacker may be able to cause a denial of service, data corruption, or obtain sensitive information from process memory in systems configured to run BIND as a DNS nameserver
Description: A memory management issue existed in the handling of DNS records. This issue was addressed by updating to BIND 9.7.6-P1 on OS X Lion systems, and BIND 9.8.3-P1 on OS X Mountain Lion systems.
CVE-ID
CVE-2012-1667
CoreText
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Applications that use CoreText may be vulnerable to an unexpected application termination or arbitrary code execution
Description: A bounds checking issue existed in the handling of text glyphs, which may lead to out of bounds memory reads or writes. This issue was addressed through improved bounds checking. This issue does not affect Mac OS X v10.6 or OS X Mountain Lion systems.
CVE-ID
CVE-2012-3716 : Jesse Ruderman of Mozilla Corporation
Data Security
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1
Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information
Description: TrustWave, a trusted root CA, has issued, and subsequently revoked, a sub-CA certificate from one of its trusted anchors. This sub-CA facilitated the interception of communications secured by Transport Layer Security (TLS). This update adds the involved sub-CA certificate to OS X's list of untrusted certificates.
DirectoryService
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: If the DirectoryService Proxy is used, a remote attacker may cause a denial of service or arbitrary code execution
Description: A buffer overflow existed in the DirectoryService Proxy. This issue was addressed through improved bounds checking. This issue does not affect OS X Lion and Mountain Lion systems.
CVE-ID
CVE-2012-0650 : aazubel working with HP's Zero Day Initiative
ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. These issues do not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3026 : Jüri Aedla
CVE-2011-3048
ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day Initiative
Installer
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Remote admins and persons with physical access to the system may obtain account information
Description: The fix for CVE-2012-0652 in OS X Lion 10.7.4 prevented user passwords from being recorded in the system log, but did not remove the old log entries. This issue was addressed by deleting log files that contained passwords. This issue does not affect Mac OS X 10.6 or OS X Mountain Lion systems.
CVE-ID
CVE-2012-0652
Serious Tennis 1.0 Mac Os X
International Components for Unicode
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution
Description: A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-4599
Kernel
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. This issue was addressed by disabling handling of addresses in PT_STEP and PT_CONTINUE. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0643 : iOS Jailbreak Dream Team
LoginWindow
Available for: OS X Mountain Lion v10.8 and v10.8.1
Impact: A local user may be able to obtain other user's login passwords
Description: A user-installed input method could intercept password keystrokes from Login Window or Screen Saver Unlock. This issue was addressed by preventing user-installed methods from being used when the system is handling login information.
CVE-ID
CVE-2012-3718: Lukhnos Liu
Mail
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing an e-mail message may lead to execution of web plugins
Description: An input validation error existed in Mail's handling of embedded web plugins. This issue was addressed by disabling third-party plug-ins in Mail. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3719 : Will Dormann of the CERT/CC
Mobile Accounts
Available for: OS X Mountain Lion v10.8 and v10.8.1
Impact: A user with access to the contents of a mobile account may obtain the account password
Description: Creating a mobile account saved a hash of the password in the account, which was used to login when the mobile account was used as an external account. The password hash could be used to determine the user's password. This issue was addressed by creating the password hash only if external accounts are enabled on the system where the mobile account is created.
CVE-ID
CVE-2012-3720 : Harald Wagener of Google, Inc.
PHP
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1
Impact: Multiple vulnerabilities in PHP
Description: >PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at http://www.php.net
CVE-ID
CVE-2012-0831
CVE-2012-1172
CVE-2012-1823
CVE-2012-2143
CVE-2012-2311
CVE-2012-2386
CVE-2012-2688
PHP
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: PHP scripts which use libpng may be vulnerable to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of PNG files. This issue was addressed by updating PHP's copy of libpng to version 1.5.10. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3048
Serious Tennis 1.0 Mac Os Update
Profile Manager
Available for: OS X Lion Server v10.7 to v10.7.4
Impact: An unauthenticated user could enumerate managed devices
Description: An authentication issue existed in the Device Management private interface. This issue was addressed by removing the interface.
This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3721 : Derick Cassidy of XEquals Corporation
QuickLook
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted .pict file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of .pict files. This issue was addressed through improved validation of .pict files. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0671 : Rodrigo Rubira Branco (twitter.com/bsdaemon) from the Qualys Vulnerability & Malware Research Labs (VMRL)
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow existed in QuickTime's handling of sean atoms. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft) working with HP's Zero Day Initiative
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3722 : Will Dormann of the CERT/CC
Serious Tennis 1.0 Mac Os 8
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of RLE encoded movie files. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative
Ruby
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. The Ruby OpenSSL module disabled the 'empty fragment' countermeasure which prevented these attacks. This issue was addressed by enabling empty fragments. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3389
USB
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Attaching a USB device may lead to an unexpected system termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of USB hub descriptors. This issue was addressed through improved handling of the bNbrPorts descriptor field. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3723 : Andy Davis of NGS Secure