Vendor Status Note JVNCIAC-P-312

Apple Mac OS X に複数の脆弱性

概要

Apple Mac OS X には複数の脆弱性があります。

想定される影響

遠隔から第三者がログインしているユーザの権限を取得したり、ローカルユーザが root 権限を取得したりするなどの影響を受ける可能性があります。

ベンダ情報

ベンダリンク更新日
アップルAbout Security Update 2005-008
参考情報

  1. ISS X-Force Database: ruby-utilsrb-command-execution(21091)
    Ruby xmlrpc/utils.rb command execution
  2. ISS X-Force Database: xmlrpc-command-execution(21194)
    XML-RPC PHP command execution
  3. ISS X-Force Database: macos-imageio-bo(22381)
    Mac OS X ImageIO buffer overflow
  4. ISS X-Force Database: macos-mailapp-information-disclosure(22382)
    Mac OS X Mail.app information disclosure
  5. ISS X-Force Database: macos-malloc-file-modification(22383)
    Mac OS X malloc file modification
  6. ISS X-Force Database: macos-quickdraw-manager-bo(22384)
    MacOS X QuickDraw Manager buffer overflow
  7. ISS X-Force Database: macos-java-extension-gain-privilege(22385)
    Mac OS X Java extensions allows attacker elevated privileges
  8. ISS X-Force Database: macos-securityagent-security-bypass(22388)
    Mac OS X SecurityAgent allows security bypass
  9. ISS X-Force Database: macos-authorization-gain-privileges(22391)
    Mac OS X Authorization Service securityd allows attacker elevated privileges
  10. ISS X-Force Database: macos-webarchives-xss(22392)
    Mac OS X web archives cross-site scripting
  11. ISS X-Force Database: macos-smtp-authentication-obtain-information(22393)
    Mac OS X SMTP authentication information disclosure
JPCERT 緊急報告
JPCERT REPORTJPCERT-WR-2005-3801 ( 2005-09-28 )
CIAC BulletinP-312 Apple Security Update 2005-008 ( 2005-09-23 )
CVE2005-2747 [CVE+] XF22381
2005-2746 [CVE+] XF22382
2005-2745 [CVE+] XF22393
2005-2748 [CVE+] XF22383
2005-2744 [CVE+] XF22384
2005-2743 [CVE+] XF22385
2005-1992 [CVE+] XF21091,XF21194
2005-2524 [CVE+] XF22392
2005-2742 [CVE+] XF22388
2005-2741 [CVE+] XF22391
PGP署名JVNCIAC-P-312.html.sig
登録日20:30 2005/10/04
更新日20:30 2005/10/04

Copyright(C) 2002-2009 Keio Univ. All rights reserved.