This issue was addressed through improved bounds checking. Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code executionĭescription: A buffer overflow issue existed in ImageIO's handling of JPEG images. This issue was addressed through additional validation of ASN.1 data.ĬVE-2014-1316 : Joonas Kuorilehto of Codenomicon Impact: A remote attacker may be able to cause a denial of serviceĭescription: A reachable abort existed in the handling of ASN.1 data. This issue does not affect OS X Mavericks systems. This issue was addressed through additional bounds checking.
#MOUNTAIN LION MAC OS X ID URL PDF#
Impact: Opening a maliciously crafted PDF file may result in an unexpected application termination or arbitrary code executionĭescription: A buffer underflow existed in the handling of fonts in PDF files. This issue does not affect systems prior to OS X Mavericks.ĬVE-2014-1315 : Lukasz Pilorz of, Erik KooistraĪvailable for: OS X Mountain Lion v10.8.5 This issue was addressed through additional validation of URLs. Impact: Visiting a maliciously crafted website or URL may result in an unexpected application termination or arbitrary code executionĭescription: A format string issue existed in the handling of URLs.
This issue was addressed by ignoring incomplete HTTP header lines.ĬVE-2014-1296 : Antoine Delignat-Lavaud of Prosecco at Inria Paris An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie. Impact: An attacker in a privileged network position can obtain web site credentialsĭescription: Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. To learn about other Security Updates, see " Apple Security Updates".Īvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, and OS X Mavericks 10.9.2 Where possible, CVE IDs are used to reference the vulnerabilities for further information.
#MOUNTAIN LION MAC OS X ID URL HOW TO#
To learn more about Apple Product Security, see the Apple Product Security website.įor information about the Apple Product Security PGP Key, see " How to use the Apple Product Security PGP Key." This update can be downloaded and installed using Software Update, or from the Apple Support website.įor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.
0 kommentar(er)
