VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

Vulnerability Analysis Result (Revision No : 1)

VRDA-090914-001 ( CVE-2008-2079 | CVE-2008-5498 | CVE-2008-6680 | CVE-2009-0590 | CVE-2009-0591 | CVE-2009-0789 | CVE-2009-0949 | CVE-2009-1241 | CVE-2009-1270 | CVE-2009-1271 | CVE-2009-1272 | CVE-2009-1371 | CVE-2009-1372 | CVE-2009-1862 | CVE-2009-1863 | CVE-2009-1864 | CVE-2009-1865 | CVE-2009-1866 | CVE-2009-1867 | CVE-2009-1868 | CVE-2009-1869 | CVE-2009-1870 | CVE-2009-2468 | CVE-2009-2800 | CVE-2009-2803 | CVE-2009-2804 | CVE-2009-2805 | CVE-2009-2807 | CVE-2009-2809 | CVE-2009-2811 | CVE-2009-2812 | CVE-2009-2813 | CVE-2009-2814 )

Apple Security Update 2009-005

http://support.apple.com/kb/HT3865

This document describes Security Update 2009-005, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.

About This Analysis Information

Analysis Information Provider:

JPCERT/CC

First Published:

2009-09-14

Source Information Category:

Advisory, Alert

Last Updated:

2009-09-14

Affected Product Tags

cpe:/o:apple:mac_os_x (Apple Mac OS X)

cpe:/o:apple:mac_os_x_server (Apple Mac OS X Server)

Vulnerability Analysis Results

[Information Source Reliability]^[?]

Low^[?]

Medium^[?]

High^[?]

[Impact Level]^[?]

Low^[?]

Low-Medium^[?]

Medium-High^[?]

High^[?]

[Access Required]^[?]

Physical^[?]

Local^[?]

Non-routed^[?]

Routed^[?]

[Authentication]^[?]

Privileged^[?]

Standard^[?]

Limited^[?]

None or Unnecessary^[?]

[User Interaction Required]^[?]

Complex^[?]

Simple^[?]

None^[?]

[Technical Difficulty]^[?]

High^[?]

Medium-High^[?]

Low-Medium^[?]

Low^[?]

[Availability of Remediation]^[?]

Official Patch^[?]

Official Workaround^[?]

Unofficial Patch^[?]

None^[?]

[Incident Activity]^[?]

None^[?]

Exploit or PoC^[?]

Activity Observed^[?]

Alternatives

Common Vulnerabilities and Exposures (CVE) CVE-2008-2079

MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24,and 6.0.x before 6.0.5 allows local users to bypass certain privilegechecks by calling CREATE TABLE on a MyISAM table with modified (1)DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within theMySQL home data directory, which can point to tables that are createdin the future.

Common Vulnerabilities and Exposures (CVE) CVE-2008-5498

Array index error in the imageRotate function in PHP 5.2.8 and earlierallows context-dependent attackers to read the contents of arbitrarymemory locations via a crafted value of the third argument (aka thebgd_color or clrBack argument) for an indexed image.

Common Vulnerabilities and Exposures (CVE) CVE-2008-6680

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to causea denial of service (crash) via a crafted EXE file that triggers adivide-by-zero error.

Common Vulnerabilities and Exposures (CVE) CVE-2009-0590

The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allowsremote attackers to cause a denial of service (invalid memory accessand application crash) via vectors that trigger printing of a (1)BMPString or (2) UniversalString with an invalid encoded length.

Common Vulnerabilities and Exposures (CVE) CVE-2009-0591

The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS isenabled, does not properly handle errors associated with malformedsigned attributes, which allows remote attackers to repudiate asignature that originally appeared to be valid but was actuallyinvalid.

Common Vulnerabilities and Exposures (CVE) CVE-2009-0789

OpenSSL before 0.9.8k on WIN64 and certain other platforms does notproperly handle a malformed ASN.1 structure, which allows remoteattackers to cause a denial of service (invalid memory access andapplication crash) by placing this structure in the public key of acertificate, as demonstrated by an RSA public key.

Common Vulnerabilities and Exposures (CVE) CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10does not properly initialize memory for IPP request packets, whichallows remote attackers to cause a denial of service (NULL pointerdereference and daemon crash) via a scheduler request with twoconsecutive IPP_TAG_UNSUPPORTED tags.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1241

Unspecified vulnerability in ClamAV before 0.95 allows remoteattackers to bypass detection of malware via a modified RAR archive.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1270

libclamav/untar.c in ClamAV before 0.95 allows remote attackers tocause a denial of service (infinite loop) via a crafted TAR file thatcauses (1) clamd and (2) clamscan to hang.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1271

The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before5.2.9 allows remote attackers to cause a denial of service(segmentation fault) via a malformed string to the json_decode APIfunction.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1272

The php_zip_make_relative_path function in php_zip.c in PHP 5.2.xbefore 5.2.9 allows context-dependent attackers to cause a denial ofservice (crash) via a ZIP file that contains filenames with relativepaths, which is not properly handled during extraction.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1371

The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before0.95.1 allows remote attackers to cause a denial of service(application crash) via a malformed file with UPack encoding.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1372

Stack-based buffer overflow in the cli_url_canon function inlibclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackersto cause a denial of service (application crash) and possibly executearbitrary code via a crafted URL.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1862

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through10.0.22.87, allows remote attackers to execute arbitrary code or causea denial of service (memory corruption) via (1) a crafted Flashapplication in a .pdf file or (2) a crafted .swf file, related toauthplay.dll, as exploited in the wild in July 2009.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1863

Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackersto cause a denial of service (application crash) or possibly executearbitrary code via unknown vectors, related to a "privilege escalationvulnerability."

Common Vulnerabilities and Exposures (CVE) CVE-2009-1864

Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackersto cause a denial of service (application crash) or possibly executearbitrary code via unspecified vectors.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1865

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, andAdobe AIR before 1.5.2, allows attackers to cause a denial of service(application crash) or possibly execute arbitrary code via unspecifiedvectors, related to a "null pointer vulnerability."

Common Vulnerabilities and Exposures (CVE) CVE-2009-1866

Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackersto cause a denial of service (application crash) or possibly executearbitrary code via unspecified vectors.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1867

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, andAdobe AIR before 1.5.2, allows attackers to trick a user into (1)selecting a link or (2) completing a dialog, related to a"clickjacking vulnerability."

Common Vulnerabilities and Exposures (CVE) CVE-2009-1868

Common Vulnerabilities and Exposures (CVE) CVE-2009-1869

Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFileparser in Adobe Flash Player before 9.0.246.0 and 10.x before10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause adenial of service (application crash) or possibly execute arbitrarycode via an AVM2 file with a large intrf_count value that triggers adereference of an out-of-bounds pointer.

Common Vulnerabilities and Exposures (CVE) CVE-2009-1870

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, andAdobe AIR before 1.5.2, allows attackers to obtain sensitiveinformation via vectors involving saving an SWF file to a hard drive,related to a "local sandbox vulnerability."

Common Vulnerabilities and Exposures (CVE) CVE-2009-2468

Integer overflow in Apple CoreGraphics, as used in Safari before4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X, allows remoteattackers to cause a denial of service (application crash) or possiblyexecute arbitrary code via a long text run that triggers a heap-basedbuffer overflow during font glyph rendering, a related issue toCVE-2009-1194.

Common Vulnerabilities and Exposures (CVE) CVE-2009-2800

Common Vulnerabilities and Exposures (CVE) CVE-2009-2803

Common Vulnerabilities and Exposures (CVE) CVE-2009-2804

Common Vulnerabilities and Exposures (CVE) CVE-2009-2805

Common Vulnerabilities and Exposures (CVE) CVE-2009-2807

Common Vulnerabilities and Exposures (CVE) CVE-2009-2809

Common Vulnerabilities and Exposures (CVE) CVE-2009-2811

Common Vulnerabilities and Exposures (CVE) CVE-2009-2812

Common Vulnerabilities and Exposures (CVE) CVE-2009-2813

Common Vulnerabilities and Exposures (CVE) CVE-2009-2814

References