SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   OS (UNIX)  >   Apple macOS/OS X Vendors:   Apple
Apple OS X Multiple Flaws Let Users Execute Arbitrary Code, Obtain Elevated Privileges, Bypass Security Restrictions, and Obtain Potentially Sensitive Information
SecurityTracker Alert ID:  1031063
SecurityTracker URL:  http://securitytracker.com/id/1031063
CVE Reference:   CVE-2014-4391, CVE-2014-4417, CVE-2014-4425, CVE-2014-4426, CVE-2014-4427, CVE-2014-4428, CVE-2014-4430, CVE-2014-4431, CVE-2014-4432, CVE-2014-4433, CVE-2014-4434, CVE-2014-4435, CVE-2014-4436, CVE-2014-4437, CVE-2014-4438, CVE-2014-4439, CVE-2014-4440, CVE-2014-4441, CVE-2014-4442, CVE-2014-4443, CVE-2014-4444   (Links to External Site)
Date:  Oct 17 2014
Impact:   Denial of service via local system, Disclosure of system information, Disclosure of user information, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.10
Description:   Multiple vulnerabilities were reported in Apple OS X. An application can bypass sandbox restrictions. A local user can cause denial of service conditions. A remote or local user can obtain potentially sensitive information.

An application signed on OS X prior to 10.9 or using custom resource rules that is modified to result in an invalid signature may not be prevented from launching [CVE-2014-4391].

[Editor's note: This flaw was silently fixed in 10.9.5 and Security Update 2014-004 for 10.8.5.]

When a user opts in to receive push notifications from specially crafted web site, future Safari Push Notifications may be missed by SafariNotificationAgent [CVE-2014-4417].

The system may fail to enforce the 'require password after sleep or screen saver begins' preference until after a reboot [CVE-2014-4425].

A remote attacker can exploit a flaw in the AFP file server to determine the system network addresses [CVE-2014-4426].

An application can exploit a flaw in the accessibility API to bypass sandbox restrictions [CVE-2014-4427].

A remote user can spoof a Bluetooth Human Interface Device-class Bluetooth Low Energy device to establish a connection [CVE-2014-4428].

A flaw in CoreStorage may cause an encrypted volume to stay unlocked when ejected [CVE-2014-4430].

A local user can trigger a state management flaw in the Doc to view windows when the screen is locked [CVE-2014-4431].

When settings are updated via the fdesetup command but before the system is rebooted, the command may return misleading status for the state of encryption on disk [CVE-2014-4432].

A specially crafted file system can trigger a heap overflow in the handling of HFS resource forks to can cause the system to shutdown [CVE-2014-4433].

A specially crafted file system can trigger a null dereference can cause the system to shutdown [CVE-2014-4434].

A user can conduct a brute force attack against the iCloud Find My Mac Lost mode PIN [CVE-2014-4435].

An application can trigger an out-of-bounds memory read in the IOHIDFamily driver to cause denial of service conditions [CVE-2014-4436].

A local user can exploit a flaw in the LaunchServices interface to bypass sandbox restrictions [CVE-2014-4437].

The screen may fail to lock due to a race condition LoginWindow [CVE-2014-4438].

A remote user may send email to unintended recipients due to a user interface inconsistency in the Mail application when addresses are removed from the list of recipients [CVE-2014-4439].

MCX Desktop mobile configuration profiles may not be removed when uninstalled [CVE-2014-4440].

A flaw in the NetFS Client Framework may cause File Sharing may enter a state from which it cannot be disabled [CVE-2014-4441].

A local user can send specially crafted messages to system control sockets to cause cause an unexpected system termination [CVE-2014-4442].

A remote user can trigger a null dereference in the handling of ASN.1 data to cause denial of service conditions [CVE-2014-4443].

A local user can exploit a state management flaw in SecurityAgent during Fast User Switching to access another user's Kerberos tickets [CVE-2014-4444].

The following researchers reported these vulnerabilities:

Christopher Hickstein (via HP's Zero Day Initiative), Marek Isalski of Faelix Limited, Craig Young of Tripwire VERT, Paul S. Ziegler of Reflare UG, Mike Ryan of iSEC Partners, Benjamin King at See Ben Click Computer Services LLC, Karsten Iwen, Dustin Li (http://dustin.li/), Ken J. Takekoshi, various anonymous researchers, Emil Sjolander of Umea University, Maksymilian Arciemowicz, knoy, cunzhang from Adlab of Venustech, Meder Kydyraliev of the Google Security Team, Harry Sintonen of nSense, Alessandro Lobina of Helvetia Insurances, Patryk Szlagowski of Funky Monkey Labs, Patrick J Power of Melbourne, Australia, Kevin Koster of Cloudpath Networks, Eduardo Bonsi of BEARTCOMMUNICATIONS, Darius Davis of VMware, Coverity, Gary Simon of Sandia National Laboratories, Ragnar Sundblad of KTH Royal Institute of Technology, and Eugene Homyakov of Kaspersky Lab.

Impact:   An application can bypass sandbox restrictions.

A local user can cause denial of service conditions.

A remote or local user can obtain potentially sensitive information.

Solution:   The vendor has issued a fix (OS X Yosemite v10.10).

The vendor's advisory is available at:

https://support.apple.com/kb/HT6535

Vendor URL:  support.apple.com/kb/HT6535 (Links to External Site)
Cause:   Access control error, Boundary error, State error

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 21 2014 (Apple Issues Fix for Apple TV) Apple OS X Multiple Flaws Let Users Execute Arbitrary Code, Obtain Elevated Privileges, Bypass Security Restrictions, and Obtain Potentially Sensitive Information
Apple has issued a fix for Apple TV.
Oct 21 2014 (Apple Issues Fix for iOS) Apple OS X Multiple Flaws Let Users Execute Arbitrary Code, Obtain Elevated Privileges, Bypass Security Restrictions, and Obtain Potentially Sensitive Information
Apple has issued a fix for Apple iOS.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2017, SecurityGlobal.net LLC