VRDAフィード：脆弱性脅威分析用情報の定型データ配信

VRDA Feed by

Vulnerability Response Decision Assistance Feed : 脆弱性脅威分析用情報の定型データ配信

[ about VRDA Feed | JPCERT/CC ]

分析対象脆弱性情報 (リビジョン番号 : 1)

[ Download XML ]

VRDA-100121-001

Mac OS X における複数の脆弱性に対するアップデート

http://support.apple.com/kb/HT4004?viewlocale=ja_JP

ここでは、セキュリティアップデート 2010-001 について説明します。このアップデートは、ソフトウェア・アップデート環境設定、またはサポートダウンロードからダウンロードしてインストールできます。

この情報について

分析情報提供元:

JPCERT/CC

初版公開日:

2010-01-21

分析対象脆弱性情報の分類:

アドバイザリ・注意喚起

最終更新日:

2010-01-21

脆弱性の影響を受ける製品の識別子

cpe:/o:apple:mac_os_x (Apple Mac OS X)

脆弱性の分析内容

[分析に利用した情報の信頼性]^[?]

低^[?]

中^[?]

高^[?]

[影響の大きさ]^[?]

小^[?]

小～中^[?]

中～大^[?]

大^[?]

[攻撃経路]^[?]

物理アクセス^[?]

ローカルマシン上^[?]

同一セグメント上^[?]

インターネット経由^[?]

[認証レベル]^[?]

管理者アカウント^[?]

一般ユーザアカウント^[?]

フリーアカウント^[?]

不要^[?]

[攻撃成立に必要なユーザの関与]^[?]

複雑^[?]

簡単^[?]

不要^[?]

[攻撃の難易度]^[?]

高^[?]

中～高^[?]

低～中^[?]

低^[?]

[対策の有無]^[?]

公式パッチ有り^[?]

公式回避策有り^[?]

非公式回避策・パッチ有り^[?]

なし^[?]

[インシデントの発生状況]^[?]

活動なし^[?]

Exploit/PoCあり^[?]

活動あり^[?]

関連情報

参考情報

Common Vulnerabilities and Exposures (CVE) CVE-2010-0036

Common Vulnerabilities and Exposures (CVE) CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handlinginterface in the cupsdDoSelect function in scheduler/select.c in thescheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers tocause a denial of service (daemon crash or hang) via a clientdisconnection during listing of a large number of print jobs, relatedto improperly maintaining a reference count. NOTE: some of thesedetails are obtained from third party information.

Common Vulnerabilities and Exposures (CVE) CVE-2009-3794

Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 andAdobe AIR before 1.5.3 allows remote attackers to execute arbitrarycode via crafted dimensions of JPEG data in an SWF file.

Common Vulnerabilities and Exposures (CVE) CVE-2009-3796

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 mightallow attackers to execute arbitrary code via unspecified vectors,related to a "data injection vulnerability."

Common Vulnerabilities and Exposures (CVE) CVE-2009-3797

Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3might allow attackers to execute arbitrary code via unspecifiedvectors that trigger memory corruption.

Common Vulnerabilities and Exposures (CVE) CVE-2009-3798

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 mightallow attackers to execute arbitrary code via unspecified vectors thattrigger memory corruption.

Common Vulnerabilities and Exposures (CVE) CVE-2009-3799

Integer overflow in the Verifier::parseExceptionHandlers function inAdobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allowsremote attackers to execute arbitrary code via an SWF file with alarge exception_count value that triggers memory corruption, relatedto "generation of ActionScript exception handlers."

Common Vulnerabilities and Exposures (CVE) CVE-2009-3800

Multiple unspecified vulnerabilities in Adobe Flash Player before10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause adenial of service (application crash) or possibly execute arbitrarycode via unknown vectors.

Common Vulnerabilities and Exposures (CVE) CVE-2009-3951

Unspecified vulnerability in the Flash Player ActiveX control in AdobeFlash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windowsallows remote attackers to obtain the names of local files via unknownvectors. NOTE: this vulnerability exists because of an incomplete fixfor CVE-2008-4820.

Common Vulnerabilities and Exposures (CVE) CVE-2009-2285

Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2allows context-dependent attackers to cause a denial of service(crash) via a crafted TIFF image, a different vulnerability thanCVE-2008-2327.

Common Vulnerabilities and Exposures (CVE) CVE-2010-0037

Common Vulnerabilities and Exposures (CVE) CVE-2009-3555

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, asused in Microsoft Internet Information Services (IIS) 7.0, mod_ssl inthe Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l,GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS)3.12.4 and earlier, multiple Cisco products, and other products, doesnot properly associate renegotiation handshakes with an existingconnection, which allows man-in-the-middle attackers to insert datainto HTTPS sessions, and possibly other types of sessions protected byTLS or SSL, by sending an unauthenticated request that is processedretroactively by a server in a post-renegotiation context, related toa "plaintext injection" attack, aka the "Project Mogul" issue.