US-CERT Technical Cyber Security Alert TA09-218A -- Apple Updates for Multiple Vulnerabilities

07/08/09, US-CERT Technical Cyber Security Alert TA09-218A -- Apple Updates for Multiple Vulnerabilities
From: CERT Advisory <cert-advisory@cert.org>

Generated by MHonArc

CSIM Logo WelcomeCourses
Faculty, Student, Staff
Projects and reports
Conferences, workshop and seminars
Laboratories and reasearch facilities
Information related to CSIM
Information non-related to CSIM
Address, map, phone, etc.
Search

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


To: cert-advisory@cert.org
Subject: US-CERT Technical Cyber Security Alert TA09-218A -- Apple Updates for Multiple Vulnerabilities
From: CERT Advisory <cert-advisory@cert.org>
Date: Thu, 6 Aug 2009 14:03:50 -0400
List-archive: <http://www.cert.org/>
List-help: <http://www.cert.org/>, <mailto:Majordomo@cert.org?body=help>
List-owner: <mailto:cert-advisory-owner@cert.org>
List-post: NO (posting not allowed on this list)
List-unsubscribe: <mailto:Majordomo@cert.org?body=unsubscribe%20cert-advisory>
Organization: CERT(R) Coordination Center - +1 412-268-7090

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                    National Cyber Alert System

              Technical Cyber Security Alert TA09-218A


Apple Updates for Multiple Vulnerabilities

   Original release date: August 06, 2009
   Last revised: --
   Source: US-CERT


Systems Affected

     * Apple Mac OS X versions prior to and including 10.4.11 (Tiger)
     and 10.5.7 (Leopard)
     * Apple Mac OS X Server versions prior to
     and including 10.4.11 (Tiger) and 10.5.7 (Leopard)


Overview

   Apple has released Mac OS X v10.5.8 / Security Update 2009-003 to
   correct multiple vulnerabilities affecting components of Apple Mac
   OS X and Mac OS X Server. Attackers could exploit these
   vulnerabilities to execute arbitrary code, gain access to sensitive
   information, or cause a denial of service.


I. Description

   Apple Mac OS X v10.5.8 / Security Update 2009-003 addresses a
   number of vulnerabilities affecting Apple Mac OS X and Mac OS X
   Server. These updates also address vulnerabilities in other
   vendors' products that ship with Apple Mac OS X or Mac OS X Server.


II. Impact

   The impact of these vulnerabilities vary. Potential consequences
   include arbitrary code execution, sensitive information disclosure,
   denial of service, or privilege escalation.


III. Solution

   Install Apple Mac OS X v10.5.8 / Security Update 2009-003.  These
   and other updates are available via Software Update or via Apple
   Downloads.


IV. References

 * Security Update 2009-003 / Mac OS X v10.5.8 -
   <http://support.apple.com/kb/HT3757>

 * Mac OS X: Updating your software -
   <https://support.apple.com/kb/HT1338?viewlocale=en_US>

 * Apple Downloads - <http://support.apple.com/downloads/>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA09-218A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "TA09-218A Feedback VU#426517" in
   the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2009 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________

Revision History
  
  August 06, 2009: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSnsainIHljM+H4irAQLe2wgAg9ZJq3PGtU+CYHa6+n9Gli9l/NeIXQBb
JhKvrXwFYp1uCCs5bVlZ/80Wuq6BJgkv1kojnV6zhqZA7VkPQEhjGofvcUs9MsO8
jXQ6JPdZRd6jWmB4pFHPAD5NOpBV2fJN+JQQuep9xwlap/hITfZfj24+nVFciwXo
PdsptiEvpPcfsdan5ScQB+36MC4fRixUAgV+oWHDTgZJEaO1J2/5QiMK7+jWanXH
3jD6FIVdbJQcUmMDGle7RvURSuiX4jFq3D+lweDCtLwX576qx9m6QRbvnxaX8bfU
HFcStLJRmi2kFEMiqga83lIyhSB1g1t+rWy5MBH+xml0MSYO7V7z6w==
=A6S1
-----END PGP SIGNATURE-----

Previous message sorted by date: US-CERT Technical Cyber Security Alert TA09-204A -- Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products
Next message sorted by date: US-CERT Technical Cyber Security Alert TA09-223A -- Microsoft Updates for Multiple Vulnerabilities
Previous message sorted by thread: US-CERT Technical Cyber Security Alert TA09-204A -- Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products
Next message by thread: US-CERT Technical Cyber Security Alert TA09-223A -- Microsoft Updates for Multiple Vulnerabilities
Main Index
Thread Index

CSIM home pageWMailAccount managementCSIM LibraryNetwork test toolsSearch CSIM directories
Contact us: Olivier Nicole CSIM    SET    AIT Last update: Jan 2010