US-CERT Technical Cyber Security Alert TA09-218A -- Apple Updates for Multiple Vulnerabilities

2 views
Skip to first unread message

US-CERT

unread,
Aug 6, 2009, 2:04:31 PM8/6/09
to

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


National Cyber Alert System

Technical Cyber Security Alert TA09-218A


Apple Updates for Multiple Vulnerabilities

Original release date: August 06, 2009
Last revised: --
Source: US-CERT


Systems Affected

* Apple Mac OS X versions prior to and including 10.4.11 (Tiger)
and 10.5.7 (Leopard)
* Apple Mac OS X Server versions prior to
and including 10.4.11 (Tiger) and 10.5.7 (Leopard)


Overview

Apple has released Mac OS X v10.5.8 / Security Update 2009-003 to
correct multiple vulnerabilities affecting components of Apple Mac
OS X and Mac OS X Server. Attackers could exploit these
vulnerabilities to execute arbitrary code, gain access to sensitive
information, or cause a denial of service.


I. Description

Apple Mac OS X v10.5.8 / Security Update 2009-003 addresses a
number of vulnerabilities affecting Apple Mac OS X and Mac OS X
Server. These updates also address vulnerabilities in other
vendors' products that ship with Apple Mac OS X or Mac OS X Server.


II. Impact

The impact of these vulnerabilities vary. Potential consequences
include arbitrary code execution, sensitive information disclosure,
denial of service, or privilege escalation.


III. Solution

Install Apple Mac OS X v10.5.8 / Security Update 2009-003. These
and other updates are available via Software Update or via Apple
Downloads.


IV. References

* Security Update 2009-003 / Mac OS X v10.5.8 -
<http://support.apple.com/kb/HT3757>

* Mac OS X: Updating your software -
<https://support.apple.com/kb/HT1338?viewlocale=en_US>

* Apple Downloads - <http://support.apple.com/downloads/>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA09-218A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <ce...@cert.org> with "TA09-218A Feedback VU#426517" in
the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2009 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________

Revision History

August 06, 2009: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSnsainIHljM+H4irAQLe2wgAg9ZJq3PGtU+CYHa6+n9Gli9l/NeIXQBb
JhKvrXwFYp1uCCs5bVlZ/80Wuq6BJgkv1kojnV6zhqZA7VkPQEhjGofvcUs9MsO8
jXQ6JPdZRd6jWmB4pFHPAD5NOpBV2fJN+JQQuep9xwlap/hITfZfj24+nVFciwXo
PdsptiEvpPcfsdan5ScQB+36MC4fRixUAgV+oWHDTgZJEaO1J2/5QiMK7+jWanXH
3jD6FIVdbJQcUmMDGle7RvURSuiX4jFq3D+lweDCtLwX576qx9m6QRbvnxaX8bfU
HFcStLJRmi2kFEMiqga83lIyhSB1g1t+rWy5MBH+xml0MSYO7V7z6w==
=A6S1
-----END PGP SIGNATURE-----

Reply all
Reply to author
Forward
0 new messages