Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22252
HistoryAug 07, 2009 - 12:00 a.m.

US-CERT Technical Cyber Security Alert TA09-218A -- Apple Updates for Multiple Vulnerabilities

2009-08-0700:00:00
vulners.com
40
apple
update
vulnerabilities
mac os x
security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                National Cyber Alert System

          Technical Cyber Security Alert TA09-218A

Apple Updates for Multiple Vulnerabilities

Original release date: August 06, 2009
Last revised: –
Source: US-CERT

Systems Affected

 * Apple Mac OS X versions prior to and including 10.4.11 (Tiger)
 and 10.5.7 (Leopard)
 * Apple Mac OS X Server versions prior to
 and including 10.4.11 (Tiger) and 10.5.7 (Leopard)

Overview

Apple has released Mac OS X v10.5.8 / Security Update 2009-003 to
correct multiple vulnerabilities affecting components of Apple Mac
OS X and Mac OS X Server. Attackers could exploit these
vulnerabilities to execute arbitrary code, gain access to sensitive
information, or cause a denial of service.

I. Description

Apple Mac OS X v10.5.8 / Security Update 2009-003 addresses a
number of vulnerabilities affecting Apple Mac OS X and Mac OS X
Server. These updates also address vulnerabilities in other
vendors' products that ship with Apple Mac OS X or Mac OS X Server.

II. Impact

The impact of these vulnerabilities vary. Potential consequences
include arbitrary code execution, sensitive information disclosure,
denial of service, or privilege escalation.

III. Solution

Install Apple Mac OS X v10.5.8 / Security Update 2009-003. These
and other updates are available via Software Update or via Apple
Downloads.

IV. References


The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA09-218A.html>

Feedback can be directed to US-CERT Technical Staff. Please send
email to <[email protected]> with "TA09-218A Feedback VU#426517" in
the subject.


For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html&gt;.


Produced 2009 by US-CERT, a government organization.

Terms of use:

 &lt;http://www.us-cert.gov/legal.html&gt;

Revision History

August 06, 2009: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSnsainIHljM+H4irAQLe2wgAg9ZJq3PGtU+CYHa6+n9Gli9l/NeIXQBb
JhKvrXwFYp1uCCs5bVlZ/80Wuq6BJgkv1kojnV6zhqZA7VkPQEhjGofvcUs9MsO8
jXQ6JPdZRd6jWmB4pFHPAD5NOpBV2fJN+JQQuep9xwlap/hITfZfj24+nVFciwXo
PdsptiEvpPcfsdan5ScQB+36MC4fRixUAgV+oWHDTgZJEaO1J2/5QiMK7+jWanXH
3jD6FIVdbJQcUmMDGle7RvURSuiX4jFq3D+lweDCtLwX576qx9m6QRbvnxaX8bfU
HFcStLJRmi2kFEMiqga83lIyhSB1g1t+rWy5MBH+xml0MSYO7V7z6w==
=A6S1
-----END PGP SIGNATURE-----