Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21824
HistoryMay 14, 2009 - 12:00 a.m.

US-CERT Technical Cyber Security Alert TA09-133A -- Apple Updates for Multiple Vulnerabilities

2009-05-1400:00:00
vulners.com
22
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                National Cyber Alert System

          Technical Cyber Security Alert TA09-133A

Apple Updates for Multiple Vulnerabilities

Original release date: May 13, 2009
Last revised: –
Source: US-CERT

Systems Affected

 * Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and 10.5.6 (Leopard)
 * Apple Mac OS X Server versions prior to and including 10.4.11 (Tiger) and 10.5.6 (Leopard)
 * Safari 3 for Windows,  Mac OS X 10.4, and Mac OS X 10.5

Overview

Apple has released multiple Security Updates, 2009-002 / Mac OS X
version 10.5.7 and Safari 3.2.3, to correct multiple
vulnerabilities affecting Apple Mac OS X , Mac OS X Server, and the
Safari web browser. Attackers could exploit these vulnerabilities
to execute arbitrary code, gain access to sensitive information, or
cause a denial of service.

I. Description

Apple Security Update 2009-002 / Mac OS X v10.5.7 addresses a
number of vulnerabilities affecting Apple Mac OS X and Mac OS X
Server, the Safari security update addresses vulnerabilities
affecting the Safari web browser (for Windows and OS X). These
updates also address vulnerabilities in other vendors' products
that ship with Apple Mac OS X or Mac OS X Server.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences
include arbitrary code execution, sensitive information disclosure,
denial of service, or privilege escalation.

III. Solution

Install Apple Security Update 2009-002 / Mac OS X v10.5.7, or
Safari 3.2.3. These and other updates are available via Software
Update or via Apple Downloads.

IV. References

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA09-133A.html>

Feedback can be directed to US-CERT Technical Staff. Please send
email to <[email protected]> with "TA09-133A Feedback VU#175188" in
the subject.

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html&gt;.

Produced 2009 by US-CERT, a government organization.

Terms of use:

 &lt;http://www.us-cert.gov/legal.html&gt;

Revision History

May 13, 2009: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSgsdiHIHljM+H4irAQIsGAf+IykbS/FD1X/R2ooezndAmZjrcT29XnpV
HO4DiMlKmqW+dUffk4mdJLVR7y8pwUuP4TbjwncoT39SDR9UoEankv7+Dao/qkM/
Jp0flkEpb5qtcIm9VnuWvpCE31OZZgwBwJ7f2WWzbBLqoZ5FIWAhCcW6E5v6mjVy
J+Z4BmHYUIapPLzGzV8+HT6/7LRNpg+mZoldEBUoXXjik8o78v5A7iGyMSXoaBlV
vL8N/3GG9a9xecLqbbv5N6ABsncHA9f/GzBnfJUqVHkUM1xnjqmgd7TZikObw+fJ
xcgWvmYmoRdCMzM3b1jPqWPDGJDbo0oHZM3J3hKE+opsLe9xChM1qA==
=dQ2L
-----END PGP SIGNATURE-----

JSON