SB2017110103 - Multiple vulnerabilities in Apple macOS




Published: November 1, 2017

Security Bulletin ID: SB2017110103
Severity: High
Patch available: YES
Number of vulnerabilities: 36
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity: High 44%, Low 56%

Description

This security bulletin contains information about 36 security vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2017-13782)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the kernel component. A remote user can supply a specially crafted input to read restricted memory.


2) Improper access control (CVE-ID: CVE-2017-13786)

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to a DMA access control flaw in the APFS component. A local attacker with a connected Thunderbolt adapter can recover unencrypted APFS filesystem data.


3) Memory corruption (CVE-ID: CVE-2017-13800)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the APFS component. A remote attacker can execute arbitrary code with elevated privileges.


4) Improper input validation (CVE-ID: CVE-2017-13801)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the Dictionary Widget component. A remote user can supply a specially crafted input to access arbitrary files.


5) Memory corruption (CVE-ID: CVE-2017-13807)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the Audio component. A remote attacker can execute arbitrary code with elevated privileges.


6) Memory corruption (CVE-ID: CVE-2017-13808)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the Remote Management component. A remote attacker can execute arbitrary code with system privileges.


7) Improper input validation (CVE-ID: CVE-2017-13809)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an input validation flaw in the AppleScript component. A remote attacker can create a specially crafted AppleScript, trick the victim into decompiling it with osadecompile and execute arbitrary code with elevated privileges.


8) Information disclosure (CVE-ID: CVE-2017-13810)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to a permissions error in packet counters in the kernel component. A local attacker can gain access to arbitrary data.


9) Memory corruption (CVE-ID: CVE-2017-13811)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the fsck_msdos component. A remote attacker can execute arbitrary code with system privileges.


10) Memory corruption (CVE-ID: CVE-2017-13812)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the libarchive component. A remote attacker can execute arbitrary code with elevated privileges.


11) Buffer overflow (CVE-ID: CVE-2017-13813)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a buffer overflow in the libarchive component. A remote attacker can execute arbitrary code with elevated privileges.


12) Memory corruption (CVE-ID: CVE-2017-13814)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the ImageIO component. A remote attacker can execute arbitrary code with system privileges.


13) Security restrictions bypass (CVE-ID: CVE-2017-13815)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to multiple issues in file. A remote attacker can gain access to the system.


14) Buffer overflow (CVE-ID: CVE-2017-13816)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a buffer overflow in the libarchive component. A remote attacker can execute arbitrary code with elevated privileges.


15) Out-of-bounds read (CVE-ID: CVE-2017-13817)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an out-of-bounds read error in the kernel component. A local attacker can gain access to arbitrary data.


16) Improper input validation (CVE-ID: CVE-2017-13818)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the kernel component. A remote user can supply a specially crafted input to read restricted memory.


17) Cross-site scripting (CVE-ID: CVE-2017-13819)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists in the HelpViewer component due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.


18) Memory corruption (CVE-ID: CVE-2017-13820)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to a memory corruption error in the ATS component. A remote user can trick the victim into processing a specially crafted font and gain access to arbitrary data.


19) Improper input validation (CVE-ID: CVE-2017-13821)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the CFString component. A remote user can supply a specially crafted input to read restricted memory.


20) Improper input validation (CVE-ID: CVE-2017-13822)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the Quick Look component. A remote user can supply a specially crafted input to read restricted memory.


21) Improper input validation (CVE-ID: CVE-2017-13823)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the QuickTime component. A remote user can supply a specially crafted input to read restricted memory.


22) Memory corruption (CVE-ID: CVE-2017-13824)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the Open Scripting Architecture component. A remote attacker can create a specially crafted AppleScript, trick the victim into decompiling it with osadecompile and execute arbitrary code with elevated privileges.


23) Memory corruption (CVE-ID: CVE-2017-13825)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the CoreText component. A remote attacker can execute arbitrary code with elevated privileges.


24) Spoofing attack (CVE-ID: CVE-2017-13828)

The vulnerability allows a remote attacker to conduct a spoofing attack on the target system.

The weakness exists due to a font rendering flaw in the Fonts component. A remote user can spoof user interface elements and access arbitrary data.


25) Memory corruption (CVE-ID: CVE-2017-13830)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the HFS component. A remote attacker can execute arbitrary code with system privileges.


26) Memory corruption (CVE-ID: CVE-2017-13831)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a memory management error in the ImageIO component. A remote attacker can trick the victim into loading a specially crafted image, trigger memory corruption and cause the application to crash.


27) Security restrictions bypass (CVE-ID: CVE-2017-13832)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to a flaw in the TLS 1.0 protocol in the 802.1X component. A remote attacker can bypass security restrictions.


28) Memory corruption (CVE-ID: CVE-2017-13834)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the kernel component. A remote attacker can trick the victim into loading a specially crafted mach binary and execute arbitrary code with kernel privileges.


29) Improper input validation (CVE-ID: CVE-2017-13836)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the kernel component. A remote user can supply a specially crafted input to read restricted memory.


30) Memory corruption (CVE-ID: CVE-2017-13838)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the Sandbox component. A remote attacker can execute arbitrary code with system privileges.


31) Improper input validation (CVE-ID: CVE-2017-13840)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the kernel component. A remote user can supply a specially crafted input to read restricted memory.


32) Improper input validation (CVE-ID: CVE-2017-13841)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the kernel component. A remote user can supply a specially crafted input to read restricted memory.


33) Improper input validation (CVE-ID: CVE-2017-13842)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an input validation flaw in the kernel component. A remote user can supply a specially crafted input to read restricted memory.


34) Memory corruption (CVE-ID: CVE-2017-13843)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the kernel component. A remote attacker can execute arbitrary code with kernel privileges.


35) Security restrictions bypass (CVE-ID: CVE-2017-13846)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to multiple issues in pcre. A remote attacker can gain access to the system.


36) Memory corruption (CVE-ID: CVE-2017-7132)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a memory corruption error in the Quick Look component. A remote attacker can execute arbitrary code with elevated privileges.


Remediation

Install the update from the vendor's website.