----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. 
Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/

----------------------------------------------------------------------

TITLE:
Apple Mac OS X Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA50628

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/50628/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=50628

RELEASE DATE:
2012-09-20

DISCUSS ADVISORY:
http://secunia.com/advisories/50628/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA:
 * Last Update
 * Popularity
 * Comments
 * Criticality Level
 * Impact
 * Where
 * Solution Status
 * Operating System / Software
 * CVE Reference(s)

http://secunia.com/advisories/50628/

ONLY AVAILABLE IN CUSTOMER AREA:
 * Authentication Level
 * Report Reliability
 * Secunia PoC
 * Secunia Analysis
 * Systems Affected
 * Approve Distribution
 * Remediation Status
 * Secunia CVSS Score
 * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=50628

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
 * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION:
Apple has issued a security update for Mac OS X, which fixes multiple
vulnerabilities.

1) Various vulnerabilities exist in the bundled version of Apache.

For more information:
SA46288
SA45793
SA46987
SA47779
SA47410

2) An assertion error in BIND when handling DNS records can be
exploited to cause a DoS (Denial of Service).

For more information:
SA46887

3) An error in BIND can be exploited to disclose potentially
sensitive information or cause a DoS.

For more information:
SA49338

4) An error in the CoreText component when handling text glyphs can
be exploited to cause a buffer overflow and potentially compromise an
application using the component.

5) An error in the DirectoryService Proxy can be exploited to cause a
buffer overflow.

6) Errors in the ImageIO component when parsing PNG images can be
exploited to corrupt memory.

For more information:
SA48026
SA48587

7) An integer overflow error in the ImageIO component when parsing
TIFF images can be exploited to cause a buffer overflow.

For more information:
SA48684#1

8) A previous fix did not properly address an error in the Installer
component that allowed users to obtain account information. The
original fix ensured that passwords were not recorded to the system
log, but did not remove the old system log entries containing
passwords.

This is related to:
SA49039#1

9) An error in International Components for Unicode (ICU) when
handling ICU locale IDs can be exploited to cause a stack-based
buffer overflow.

For more information:
SA47146

10) A logic error in the kernel when handling debug system calls can
be exploited by a malicious program to bypass sandbox restrictions.

For more information:
SA48288#3

11) An error in the LoginWindow component can be exploited by local
users to obtain other users' login passwords.

12) An input validation error in Mail can be exploited to execute web
plugins when viewing an e-mail message.

13) An error in Mobile Accounts can be exploited by a user with
access to the contents of a mobile account to obtain the account
password.

14) Multiple errors exist in the bundled version of PHP.

For more information:
SA49014
SA44335

15) An authentication error in Profile Manager Device Management
private interface can be exploited to enumerate managed devices.

16) Various errors exist in the bundled versions of QuickLook and
QuickTime.

For more information:
SA47447

17) An uninitialised memory access error exists in QuickTime when
viewing Sorenson-encoded movie files.

18) An error in Ruby may allow decryption of SSL-protected data when
a cipher suite uses a block cipher in CBC mode.

19) An error in the USB component can be exploited to corrupt memory
by attaching a malicious USB device.

SOLUTION:
Update to version 10.8.2 or 10.7.5 or apply Security Update 2012-004.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
4) Jesse Ruderman, Mozilla Corporation
5) aazubel via ZDI
11) An anonymous person
12, 17) Will Dormann, CERT/CC
13) Harald Wagener, Google
15) Derick Cassidy, XEquals Corporation
19) Andy Davis, NGS Secure

ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT5501

OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------