Download
| Alert*
oval:org.secpod.oval:def:96177
The host is installed with Apple Mac OS 12 before 12.6.8 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle issues in checks. On successful exploitation, processing an image may result in disclosure of process memory. oval:org.secpod.oval:def:708517 tiff: Tag Image File Format library LibTIFF could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:96414 tiff: Tag Image File Format library LibTIFF could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:91287 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service, or d ... oval:org.secpod.oval:def:89051252 This update for tiff fixes the following issues: * CVE-2023-2731: Fix null pointer deference in LZWDecode . * CVE-2023-1916: Fix out-of-bounds read in extractImageSection . * CVE-2023-26965: Fix heap-based use after free in loadImage . * CVE-2022-40090: Fix infinite loop in TIFFReadDirectory . oval:org.secpod.oval:def:89051233 This update for tiff fixes the following issues: * CVE-2023-2731: Fix null pointer deference in LZWDecode . * CVE-2023-1916: Fix out-of-bounds read in extractImageSection . * CVE-2023-26965: Fix heap-based use after free in loadImage . * CVE-2022-40090: Fix infinite loop in TIFFReadDirectory . |