Apple Mac OS X Multiple Remote Code Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to execute arbitrary commands, cause a denial of service, disclose sensitive information, or bypass security restrictions.

These issues are due to errors in ColorSync, CoreGraphics, Crash Reporter, CUPS, Disk Images, DS Plug-Ins, Flash Player, GNU Tar, HFS, HID Family, ImageIO, Kernel, MySQL Server, Networking, OpenSSH, Printing, QuickDraw Manager, servermgrd, SMB File Server, Software Update, sudo and WebLog.

For additional information, see : FrSIRT/ADV-2007-0074 - FrSIRT/ADV-2006-4629 - FrSIRT/ADV-2007-0141 - FrSIRT/ADV-2007-0171 - FrSIRT/ADV-2006-4448 - FrSIRT/ADV-2006-4714 - FrSIRT/ADV-2006-4762 - FrSIRT/ADV-2006-4746 - FrSIRT/ADV-2007-0191 - FrSIRT/ADV-2007-0337 - FrSIRT/ADV-2006-4094 - FrSIRT/ADV-2006-0684 - FrSIRT/ADV-2006-4717 - FrSIRT/ADV-2006-1633 - FrSIRT/ADV-2006-2105 - FrSIRT/ADV-2006-3079 - FrSIRT/ADV-2006-3306 - FrSIRT/ADV-2006-0306 - FrSIRT/ADV-2006-3777 - FrSIRT/ADV-2006-3633

Affected Products

Apple Mac OS X version 10.3.9 and prior
Apple Mac OS X Server version 10.3.9 and prior
Apple Mac OS X version 10.4.8 and prior
Apple Mac OS X Server version 10.4.8 and prior

Solution

Apply updates :
http://www.apple.com/support/downloads/
더보기

댓글,