Security Advisories

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Subject: US-CERT Technical Cyber Security Alert TA09-218A -- Apple Updates for Multiple Vulnerabilities
From: CERT Advisory <This email address is being protected from spambots. You need JavaScript enabled to view it.>
Date: Thu, 6 Aug 2009 14:03:50 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                    National Cyber Alert System

              Technical Cyber Security Alert TA09-218A


Apple Updates for Multiple Vulnerabilities

   Original release date: August 06, 2009
   Last revised: --
   Source: US-CERT


Systems Affected

     * Apple Mac OS X versions prior to and including 10.4.11 (Tiger)
     and 10.5.7 (Leopard)
     * Apple Mac OS X Server versions prior to
     and including 10.4.11 (Tiger) and 10.5.7 (Leopard)


Overview

   Apple has released Mac OS X v10.5.8 / Security Update 2009-003 to
   correct multiple vulnerabilities affecting components of Apple Mac
   OS X and Mac OS X Server. Attackers could exploit these
   vulnerabilities to execute arbitrary code, gain access to sensitive
   information, or cause a denial of service.


I. Description

   Apple Mac OS X v10.5.8 / Security Update 2009-003 addresses a
   number of vulnerabilities affecting Apple Mac OS X and Mac OS X
   Server. These updates also address vulnerabilities in other
   vendors' products that ship with Apple Mac OS X or Mac OS X Server.


II. Impact

   The impact of these vulnerabilities vary. Potential consequences
   include arbitrary code execution, sensitive information disclosure,
   denial of service, or privilege escalation.


III. Solution

   Install Apple Mac OS X v10.5.8 / Security Update 2009-003.  These
   and other updates are available via Software Update or via Apple
   Downloads.


IV. References

 * Security Update 2009-003 / Mac OS X v10.5.8 -
   <http://support.apple.com/kb/HT3757>

 * Mac OS X: Updating your software -
   <https://support.apple.com/kb/HT1338?viewlocale=en_US>

 * Apple Downloads - <http://support.apple.com/downloads/>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA09-218A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <This email address is being protected from spambots. You need JavaScript enabled to view it.> with "TA09-218A Feedback VU#426517" in
   the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2009 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________

Revision History
  
  August 06, 2009: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSnsainIHljM+H4irAQLe2wgAg9ZJq3PGtU+CYHa6+n9Gli9l/NeIXQBb
JhKvrXwFYp1uCCs5bVlZ/80Wuq6BJgkv1kojnV6zhqZA7VkPQEhjGofvcUs9MsO8
jXQ6JPdZRd6jWmB4pFHPAD5NOpBV2fJN+JQQuep9xwlap/hITfZfj24+nVFciwXo
PdsptiEvpPcfsdan5ScQB+36MC4fRixUAgV+oWHDTgZJEaO1J2/5QiMK7+jWanXH
3jD6FIVdbJQcUmMDGle7RvURSuiX4jFq3D+lweDCtLwX576qx9m6QRbvnxaX8bfU
HFcStLJRmi2kFEMiqga83lIyhSB1g1t+rWy5MBH+xml0MSYO7V7z6w==
=A6S1
-----END PGP SIGNATURE-----

Powered by:

MHonArc