Download
| Alert*
oval:org.secpod.oval:def:3169
The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple memory corruption vulnerabilities. The flaw are present in the applications, which fails to handle crafted input. Successful exploitation could allow attackers to overflow the buffer, execute arbitrary ... oval:org.secpod.oval:def:3500 The host is installed with Apple Mac OS X 10.6.x through 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle errors. Successful exploitation could allow attackers to bypass the password requirement for shared-folder. oval:org.secpod.oval:def:3501 The host is installed with Apple Mac OS X 10.6.x through 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle errors. Successful exploitation could allow attackers to bypass the password requirement for shared-folder. oval:org.secpod.oval:def:3154 The host is installed with Apple Mac OS X 10.6.8 and is prone to multiple vulnerabilities. The flaw are present in the application, which fails to handle disk images. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:3168 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a buffer overflow vulnerability. The flaw is present in the application, which fails to handle API in Apple Type Services (ATS). Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3110 The host is installed with Apple Mac OS X 10.6.8 and is prone to an out-of-bounds memory access vulnerability. A flaw is present in the application, which fails to handle embedded Type 1 fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3844 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PostScript document. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3813 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PEF image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3164 The host is installed with Apple Mac OS X 10.6.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted QuickTime movie files. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3167 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle cookies properly. Successful exploitation could allow attackers to set cookies that would be blocked were the preference enforced. oval:org.secpod.oval:def:3128 The host is installed with Apple Mac OS X 10.6.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which updates App Store help content over HTTP. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3815 The host is installed with Apple Mac OS X before 10.6.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly disable the filter rules associated with a deleted mail account. Successful exploitation could allow attackers to have unspecified impac ... oval:org.secpod.oval:def:44096 The host is installed with Apple Mac OS X 10.13.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker processing a maliciously crafted string to lead to heap co ... oval:org.secpod.oval:def:44097 The host is missing a security update according to Apple advisory, APPLE-SA-2018-02-19-2. The update is required to fix memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation could allow attackers pro ... oval:org.secpod.oval:def:45302 The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues with improper error handling. Successful exploitation leads an application to gain elevated privileges ... oval:org.secpod.oval:def:45303 The host is installed with Apple Mac OS X 10.13.4 and is prone to a UI-spoofing vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted test message. Successful exploitation leads to UI spoofing. oval:org.secpod.oval:def:45304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-2. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly handle maliciously crafted vectors. Successful exploitation may lead to UI spoofing or memor ... oval:org.secpod.oval:def:3156 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL). Successful exploitation could allow att ... oval:org.secpod.oval:def:4304 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted Wiki content. Successful exploitation allows remote attackers to inject arbitrary web script or HTML . oval:org.secpod.oval:def:3158 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to prevent FireWire DMA in the absence of a login. Successful exploitation could allow attackers to bypass intended access restrictions. oval:org.secpod.oval:def:3157 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle file deletions in directories with the sticky bit. Successful exploitation could allow attackers to bypass intended permiss ... oval:org.secpod.oval:def:3161 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection. Success ... oval:org.secpod.oval:def:3160 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a locked-screen state in display sleep mode for an Apple Cinema Display. Successful exploitation could allow attackers to bypass the password ... oval:org.secpod.oval:def:3831 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle vectors related to use of wheel group membership during access to the home directories of user accounts. Successful explo ... oval:org.secpod.oval:def:3843 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to support Login Window access control that is based solely on group membership. Successful exploitation could allow attackers to bypass int ... oval:org.secpod.oval:def:3865 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to enforce the service access control list (SACL) for weblogs during weblog creation. Successful exploitation could allow remote authenticat ... oval:org.secpod.oval:def:4299 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle vectors involving symbolic links. Successful exploitation could allows remote authenticated users to access a ... oval:org.secpod.oval:def:3816 The host is installed with Apple Mac OS X before 10.6.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient. ... oval:org.secpod.oval:def:43039 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43043 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43041 The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43040 The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to cause unexpected system termination or read ke ... oval:org.secpod.oval:def:43046 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with ... oval:org.secpod.oval:def:43045 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to execute arbitrary c ... oval:org.secpod.oval:def:43044 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43049 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a multiple memory corruption vulnerabilities. The flaw is present in the application, which fails to properly handle a type confusion issue. Successful exploitation allows attackers to allow an application to rea ... oval:org.secpod.oval:def:43048 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43050 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to allow an application to exe ... oval:org.secpod.oval:def:43054 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an inconsistent user interface issue. Successful exploitation gives privileges to attackers so that a S/MIME encrypted e ... oval:org.secpod.oval:def:43053 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43052 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43051 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restricted memory. oval:org.secpod.oval:def:43055 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an encryption issue. Successful exploitation allows attackers with a privileged network position may be able to intercep ... oval:org.secpod.oval:def:21723 The host is installed with Apple Mac OS X or Server before 10.10.1 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to obtain sensitive information. oval:org.secpod.oval:def:21724 The host is installed with Apple Mac OS X or Server before 10.10.1 and is prone to information disclosure vulnerability. A flaw is present in the "System Profiler About This Mac", which fails to properly handle unspecified vectors. Successful exploitation allows attackers to obtain sensitive informa ... oval:org.secpod.oval:def:4285 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle via a crafted help: URL. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:4286 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle directory traversal sequences in an inline image-transfer operation. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:4283 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to set the expected file ownerships. Successful exploitation allows local users to bypass intended access restrictions. oval:org.secpod.oval:def:4284 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a arbitrary file deletion vulnerability. A flaw is present in the application, which fails to handle a symlink attack in conjunction with an unmount operation on a crafted volume. Successful exploitation allows lo ... oval:org.secpod.oval:def:4296 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly interpret character encoding. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4297 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a integer overflow vulnerability. A flaw is present in the application, which fails to handle vectors related to page sizes. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4294 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to multiple format string vulnerabilities. The flaws are present in the application, which fails to handle format string specifiers in a (1) afp, (2) cifs, or (3) smb URL. Successful exploitation could allow attackers to crash ... oval:org.secpod.oval:def:4295 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle certain SSL failures. Successful exploitation could allow attackers to spoof arbitrary network account servers, and poss ... oval:org.secpod.oval:def:44845 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with system privileges. oval:org.secpod.oval:def:44846 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:44841 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an access control vulnerability. A flaw is present in the application, which fails to properly a mounted malicious disk image. Successful exploitation allows an application to launch an application. oval:org.secpod.oval:def:44842 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ... oval:org.secpod.oval:def:44843 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44844 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44850 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with kernel pri ... oval:org.secpod.oval:def:44851 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read issues. Successful exploitation allows an application to execute arbitrary code with system privileges. oval:org.secpod.oval:def:44856 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44857 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44858 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44859 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44852 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted applications. Successful exploitation allows an application to bypass code signing en ... oval:org.secpod.oval:def:44853 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with system pri ... oval:org.secpod.oval:def:44854 The host is installed with Apple Mac OS X 10.13.3 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to properly handle S/MIME-encrypted HTML e-mail. Successful exploitation allows an application to exfiltrate the contents of S/MIME-en ... oval:org.secpod.oval:def:44855 The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle inconsistent user-interface. Successful exploitation allows an application to intercept the contents of S/MIME-encrypted e-m ... oval:org.secpod.oval:def:44860 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44861 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44867 The host is installed with Apple Mac OS 10.13.3 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:44863 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44865 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle bracketed paste mode. Successful exploitation allows an application to execute arbitrary command exe ... oval:org.secpod.oval:def:44866 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle keystrokes entered by unprivileged applications. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44834 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ... oval:org.secpod.oval:def:44835 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44836 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44837 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44832 The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle passwords passed to sysadminctl tool. Successful exploitation leads to the exposure of passwords to other local users. oval:org.secpod.oval:def:44833 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted files in symlinks. Successful exploitation allows attackers to disclose user informa ... oval:org.secpod.oval:def:44839 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information access vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted webpages. Successful exploitation allows an application to mount a disk image. oval:org.secpod.oval:def:1600989 do_bid_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printf and file_vprintf. do_core_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360 . do_core_note in readelf.c in libm ... oval:org.secpod.oval:def:3132 he host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash t ... oval:org.secpod.oval:def:3130 The host is installed with Apple QuickTime in Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to handle the atom hierarchy in movie files. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:3131 The host is installed with Apple Mac OS X 10.6.8 and is prone to a cross site scripting vulnerability. A flaw is present in the QuickTime Player's "Save for Web" application, which fails to remove reference to an online script. Successful exploitation could allow attackers to inject arbitrary code. oval:org.secpod.oval:def:3119 The host is installed with Quicktime in Apple Mac OS X 10.6.8 or 10.7 before 10.7.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle URL data handlers within movie files. Successful exploitation could allow attackers to disclose mem ... oval:org.secpod.oval:def:3117 The host is installed with Apple Mac OS X and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FlashPix file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3121 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to an buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FLIC movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:3774 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with RLE encoding. Successful exploitation could allow attackers to trigger memory c ... oval:org.secpod.oval:def:3775 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a malformed movie file. Successful exploitation could allow attackers to trigger an incorrect buffer leng ... oval:org.secpod.oval:def:3772 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with H.261 encoding. Successful exploitation could allow attackers to crash the serv ... oval:org.secpod.oval:def:3773 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with H.264 encoding. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:3778 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted genl atom in a QuickTime movie file with MPEG encoding. Successful exploitation could allow att ... oval:org.secpod.oval:def:3776 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with Sorenson encoding. Successful exploitation could allow attackers to crash the ... oval:org.secpod.oval:def:3777 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle DELTA_FLI chunks and untrusted length values in a .fli file. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:42916 The host is installed with Apple Mac OS X 10.12.6 or before 10.13.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issue. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:42919 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle path handling issue. Successful exploitation could allow attackers to modify restricted areas of file syst ... oval:org.secpod.oval:def:2028 The host is installed with Apple QuickTime before 7.7, Apple Mac OS X 10.6 through 10.6.6 or 10.7.0 before 10.7.2 and is prone to cross-origin bypass vulnerability. A flaw is present in the application which fails to properly handle cross-site redirects. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:48696 The host is installed with Apple Mac OS X or Server 10.10.5, 10.11.6 or 10.12.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation could allow attackers to disclose process memory. oval:org.secpod.oval:def:48697 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:48695 The host is installed with Apple Mac OS X or Server 10.10.5, 10.11.6 or 10.12.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation could allow attackers to execute arbitrary code with kerne ... oval:org.secpod.oval:def:14162 The host is installed with Apple Mac OS X Server 10.6.8 or Apple Mac OS X 10.6.8 and is prone to directory service vulnerability. A flaw is present in the application which doesn't handle directory server's messages from the network. Successful exploitation could allow an attacker to execute arbitra ... oval:org.secpod.oval:def:2861 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle Microsoft office files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:2848 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, as it fails to handle the TrueType fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2847 The host is installed with Apple Mac OS X before 10.6.8 and is prone to an information disclosure vulnerability. A flaw is present in the application, which creates a log entry containing user's AppleID password. Successful exploitation may allow remote attackers to obtain sensitive information. oval:org.secpod.oval:def:2852 The host is installed with Apple Mac OS X 10.5.8 or 10.6.0 through 10.6.7 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle Type 1 fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2855 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle JPEG2000 images. Successful exploitation could allow attackers to execute arbitrary code or crash the servic ... oval:org.secpod.oval:def:2857 The host is installed with Apple Mac OS X 10.6 through v10.6.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the IPV6 sockets. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2859 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which uses cleartext HTTP session to read e-mail addresses. Successful exploitation could allow a privileged attacker to retrieve an user's ema ... oval:org.secpod.oval:def:2592 The host is missing a security update according to APPLE-SA-2011-01-06-1. The update is required to fix multiple vulnerabilities. The flaws are present in PackageKit, which fail to handle distribution scripts. Successful exploitation could allow an attacker to execute arbitrary code or crash the ser ... oval:org.secpod.oval:def:2593 The host is installed with Apple Mac OS X 10.6 through 10.6.5 and is prone to a format string vulnerability. A flaw is present in the application, which fails to prevent man in the middle attack. Successful exploitation could allow an attacker to execute arbitrary code or crash the service. oval:org.secpod.oval:def:2590 The host is installed with Apple Mac OS X before 10.6.7 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a Microsoft Office document with a crafted size field. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:48708 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly perform bounds checking. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:48705 The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to an insufficient locking vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow the screen to unexpectedly remain unlocked when the lid is cl ... oval:org.secpod.oval:def:54621 The host is installed with Apple Mac OS X 10.12.6 or 10.13.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows an attacker to execute arbitrary code with system privileges. oval:org.secpod.oval:def:1801090 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801091 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801087 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801089 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:24433 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted bundle. Successful exploitation allows remote attackers to launch specially cr ... oval:org.secpod.oval:def:24434 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted bundle. Successful exploitation allows remote attackers to launch specially cr ... oval:org.secpod.oval:def:24417 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle a crafted localized string. Successful exploitation allows local users to gain privileges ... oval:org.secpod.oval:def:24403 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges. oval:org.secpod.oval:def:24404 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges. oval:org.secpod.oval:def:24405 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges. oval:org.secpod.oval:def:24406 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges. oval:org.secpod.oval:def:24407 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges. oval:org.secpod.oval:def:24408 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:24410 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted .sgi file. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:24411 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:24451 The host is installed with Apple Mac OS X or Server 10.9.5 or 10.10.x through 10.10.2 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly perform content validation. Successful exploitation allows attackers to execute arbitrary code ... oval:org.secpod.oval:def:24452 The host is installed with Apple Mac OS X or Server 10.9.5 or 10.10.x through 10.10.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which sends unencrypted password-change requests in certain circumstances involving missing certificates. Successful ex ... oval:org.secpod.oval:def:43362 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:43361 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:43366 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43365 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43364 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle screen sharing sessions. Successful exploitation allows a user with screen sharing access to access any file readable ... oval:org.secpod.oval:def:43363 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a security bypass vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue existing in the kernel. Successful exploitation allows a local user to cause unexp ... oval:org.secpod.oval:def:4320 The host is installed with Apple Mac OS 10.5.8 or 10.6.0 before 10.6.4 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle a crafted TIFF file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4287 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to multiple integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted TIFF file. Successful exploitation could allow attackers to trigger a heap-based buffer overflow. oval:org.secpod.oval:def:45930 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with system privile ... oval:org.secpod.oval:def:45902 The host is installed with Apple Mac OS X 10.13.4 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle the memory handling issue. Successful exploitation allows attackers with a malicious application to elevate privileges. oval:org.secpod.oval:def:45903 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an object management issue. Successful exploitation allows attackers to determine kernel memory layout. oval:org.secpod.oval:def:45904 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the configuration issue. Successful exploitation allows attackers with root privileges to modify the EFI flash memory region. oval:org.secpod.oval:def:45900 The host is installed with Apple Mac OS X 10.13.4 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle input validation issue. Successful exploitation allows attackers to read kernel memory. oval:org.secpod.oval:def:45909 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to spoof password prompts in iBooks. oval:org.secpod.oval:def:45905 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform arbitrary code execution. oval:org.secpod.oval:def:45906 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the entitlement plists issue. Successful exploitation allows attackers to circumvent sandbox restrictions. oval:org.secpod.oval:def:45907 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:45912 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45913 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45914 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform a denial of service attack. oval:org.secpod.oval:def:45910 The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:45911 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45916 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45917 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45918 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to gain elevated privileges. oval:org.secpod.oval:def:45919 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an encrypted mail issue. Successful exploitation allows attackers to exfiltrate the contents of S/MIME-encrypted e-mail. oval:org.secpod.oval:def:45923 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent account identifier. oval:org.secpod.oval:def:45924 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the S-MIME certificaties issue. Successful exploitation allows attackers to track users by malicious websites using client certificates ... oval:org.secpod.oval:def:45925 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45926 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45920 The host is installed with Apple Mac OS X 10.13.4 and is prone to a messages injection vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to conduct impersonation attacks. oval:org.secpod.oval:def:45921 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a message validation issue. Successful exploitation allows attackers to lead to denial of service. oval:org.secpod.oval:def:45922 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45927 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45928 The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a microphone access issue. Successful exploitation allows attackers to circumvent sandbox restrictions. oval:org.secpod.oval:def:45929 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a text validation issue. Successful exploitation allows attackers to lead to a denial of service. oval:org.secpod.oval:def:45899 The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle memory management issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:116061 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:116108 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:4298 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted URI that triggers a UTF-7 error page. Successful exploitation could allow remote attackers to inject arbitrar ... oval:org.secpod.oval:def:3502 The host is installed with Apple Mac OS X 10.5.8 or 10.6.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MP4 audio file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3505 The host is installed with Apple Mac OS X 10.5.8 or 10.6.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted DNG image. Successful exploitation could allow attackers to overflow the buffer. oval:org.secpod.oval:def:3830 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate hostnames of SSH clients. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3828 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted disk image with bzip2 compression. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3829 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly perform authorization during processing of record names. Successful exploitation could allow local users to gain privileges. oval:org.secpod.oval:def:3812 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a mount request. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3821 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a directory traversal vulnerability. A flaw is present in the application, which allow attackers to share root's parent directory, and read and modify files in that directory. Successful exploitation could allow attackers to obt ... oval:org.secpod.oval:def:3827 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted disk image with bzip2 compression. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3818 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly handle a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for ... oval:org.secpod.oval:def:3770 The host is installed with Apple Quicktime before 7.6.6 or Apple Mac OS X 10.6 before 10.6.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted audio content with QDMC encoding. Successful exploitation could allow attac ... oval:org.secpod.oval:def:3771 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a malformed .3g2 movie file. Successful exploitation could allow attackers to trigger an incorrect buffer ... oval:org.secpod.oval:def:3870 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly resolve pathnames in certain circumstances involving an application's save panel. Successful exploitation could allow attac ... oval:org.secpod.oval:def:3877 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails properly perform access control checks. Successful exploitation could allow remote authenticated users to bypass intended access restri ... oval:org.secpod.oval:def:3876 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails ensure that copied files are owned by the user performing the copy. Successful exploitation could allow local users to bypass intended disk- ... oval:org.secpod.oval:def:3769 The host is installed with Apple Mac OS X before 10.6.3 or Quicktime before 7.7.6 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fails to handle crafted audio content with QDM2 encoding. Successful exploitation could allow attackers to crash the servi ... oval:org.secpod.oval:def:113037 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ... oval:org.secpod.oval:def:113032 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ... oval:org.secpod.oval:def:113023 Spatialite-Tools is a set of useful CLI tools for SpatiaLite. oval:org.secpod.oval:def:113139 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:603037 Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5087 Ned Williamson discovered a way to escape the sandbox. CVE-2017-5088 Xiling Gong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2017-5089 Michal Bentkowski discovered a spoofing issue. C ... oval:org.secpod.oval:def:113068 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:5794 The host is installed with Apple Mac OS X 10.7.x before 10.7.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle vectors involving a temporary files. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:5810 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ... oval:org.secpod.oval:def:5811 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer underflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the serv ... oval:org.secpod.oval:def:5818 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted input. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:5809 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted audio sample tables in a movie file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:5808 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an improper access control vulnerability. A flaw is present in the application, which fails to properly handle screen savers. Successful exploitation could allow attackers to bypass screen locking and launch a S ... oval:org.secpod.oval:def:5819 The host is installed with Apple Mac OS X 10.7.0 before 10.7.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails does not require continued use of SRP-based authentication after this authentication method is first used. Successful exploitation could a ... oval:org.secpod.oval:def:5802 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a network sniffing attack vulnerability. A flaw is present in the application, which fails to properly restrict the length of RSA keys within X.509 certificates. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:5801 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an uninitialized memory access vulnerability. A flaw is present in the application, which fails to properly handle X.509 certificates. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:21725 The host is installed with Apple Mac OS X or Server before 10.10.1 or Apple Safari before 6.2.1, 7.x before 7.1.1 or 8.x before 8.0.1 and is prone to use-after-free vulnerability. A flaw is present in the WebKit, which fails to properly handle a crafted page objects in an HTML document. Successful e ... oval:org.secpod.oval:def:2851 The host is installed with Apple Mac OS X 10.6 through 10.6.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle CFString object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2850 The host is installed with Mac OS X 10.6 through 10.6.7 or Apple Safari before 5.0.5 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle images with an embedded ColorSync profile. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:2856 The host is installed with Apple Mac OS X and is prone to a buffer overflow vulnerability. A flaw is present in the application, as it fails to handle uppercase strings. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:45896 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:2854 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.7 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, as it fails to handle TIFF images. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3900 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a certificate spoofing vulnerability. The flaw is present in the application, which fails to properly handle an untrusted attribute of a certification authority certificate. Successful exploitation could allow a ... oval:org.secpod.oval:def:3891 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly perform OpenGL Shading Language (aka GLSL) compilation. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:3896 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with H.264 encoding. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:3888 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a buffer overflow vulnerability. The flaw is present in the application, which fails to handle a crafted PNG file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3889 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to an Off-by-one buffer overflow vulnerability. The flaw is present in the application, which fails to handle a crafted rdrf atom in a movie file. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:21726 The host is installed with Apple Mac OS X or Server 10.10.x before 10.10.2 and is prone to information disclosure vulnerability. A flaw is present in the application, which does not properly clear the browsing cache upon a transition out of private-browsing mode. Successful exploitation allows attac ... oval:org.secpod.oval:def:21722 The host is missing a security update according to Apple advisory, APPLE-SA-2014-11-17-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors. Successful exploitation allows attackers to execute remote code or obtain ... oval:org.secpod.oval:def:10708 The host is installed with Mac OS X 10.8.x before 10.8.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted application from reading passwords entered into Login Window. Successful exploitation could allow attackers to read ... oval:org.secpod.oval:def:10709 The host is installed with Mac OS X 10.6.8 or OS X Lion v10.7 to v10.7.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle an e-mail message that triggers the loading of a third-party plugin. Successful exploitation could allow att ... oval:org.secpod.oval:def:3030 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an unspecified integer field in an NFS RPC packet. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:10703 The host is installed with Mac OS X 10.6.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to perform proper bounds checking. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3047 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to man-in-the-middle attack. A flaw is present in the application, which fails to prevent leveraging protocol vulnerabilities. Successful exploitation could allow attackers to spoof SSH servers. oval:org.secpod.oval:def:10719 The host is installed with OS X Lion v10.7 to v10.7.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform authentication for the Device Management private interface. Successful exploitation could allow attackers to enumerate ... oval:org.secpod.oval:def:10710 The host is installed with Mac OS X 10.8.x before 10.8.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to create password hash only when mobile account is used as an external account. Successful exploitation could allow attackers to obtain ... oval:org.secpod.oval:def:3040 The host is installed Quicklook in Apple Mac OS X 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, that fials to handle an Excel spreadsheet with a crafted formula that uses unspecified opcodes. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:3041 The host is installed with QuickTime in Apple Mac OS X 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted JPEG2000 image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3011 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a document that contains a crafted embedded Type 1 font. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:3012 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to multiple buffer overflow vulnerabilities. A flaw is present in the application, which fails to handle a document that contains a crafted SFNT table in an embedded font. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:3010 The host is installed with Apple Mac OS X and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a document that contains a crafted embedded TrueType font. Successful exploitation could allow attackers to cause multiple buffer overfl ... oval:org.secpod.oval:def:3014 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a call with the kTemporaryFolderType flag. Successful exploitation could allow attackers to disclose sensitive informatio ... oval:org.secpod.oval:def:3019 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a document that contains a crafted embedded font. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:3022 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted TIFF image with JPEG encoding. oval:org.secpod.oval:def:3023 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the applications, which fails to handle a crafted Canon RAW image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3020 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files. Successful exploitation could allow attackers to read arbitrary data. oval:org.secpod.oval:def:3021 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted XBM image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3024 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a URL processing issue in Install Helper. Successful exploitation could allow attackers to track user logins. oval:org.secpod.oval:def:3029 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which does not properly handle call gates. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:3005 The host is installed with Mac OS X 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a divide by zero error. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3008 The host is installed with Mac OS X 10.6 through 10.6.6 and is prone to multiple format string vulnerabilities. A flaw is present in the application, which fails to handle format string specifiers. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3009 The host is installed with Apple Mac OS X 10.6.0 through 10.6.6 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application which fails to handle open type fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:10722 The host is installed with Mac OS X 10.6.8 or 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with Sorenson encoding. Successful exploitation allows remote attackers to execute arbitrary code or ca ... oval:org.secpod.oval:def:10724 The host is installed with Mac OS X 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle USB hub descriptors. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:53567 The host is installed with Apple Mac OS X 10.12.6, 10.13.6 or 10.14.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an issue in perl. Successful exploitation allows an attacker to cause unspecified impact. oval:org.secpod.oval:def:53350 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:114665 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:114659 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:603428 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:704204 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:51088 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:1901135 do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. oval:org.secpod.oval:def:53018 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:704827 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:4280 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to handle requests that change settings. Successful exploitation could allow attackers to hijack the authentication of ... oval:org.secpod.oval:def:45908 The host is installed with Apple Mac OS X 10.13.4 or 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:48636 The host is installed with Apple Mac OS X 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows an attacker to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43634 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a resource exhaustion issue. Successful exploitation allows an application to cause denial of service. oval:org.secpod.oval:def:43633 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43632 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a logic issue. Successful exploitation allows an application to execute an arbitrary code with kernel privile ... oval:org.secpod.oval:def:43631 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute an arbitrary c ... oval:org.secpod.oval:def:43638 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an attacker to read restricted memory. oval:org.secpod.oval:def:43637 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle a certificate evaluation issue. Successful exploitation makes a certificate to have name constraints applied incor ... oval:org.secpod.oval:def:43636 The host is installed with Apple Mac OS X 10.13.2 and is prone to an unspecified vulnerability. The flaw is present in the application, which fails to properly handle an access issue. Successful exploitation allows a sandboxed process to circumvent sandbox restrictions. oval:org.secpod.oval:def:43635 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an attacker to perform an arbitrary code ... oval:org.secpod.oval:def:43627 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code w ... oval:org.secpod.oval:def:43625 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code by processing a ... oval:org.secpod.oval:def:43629 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a memory initialization issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43630 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a race condition issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:114424 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:113991 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:48698 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:113936 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:43213 The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ... oval:org.secpod.oval:def:703972 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43587 The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ... oval:org.secpod.oval:def:115029 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:4305 The host is missing a security update according to Apple advisory, APPLE-SA-2010-06-15-1 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation allows remote attackers to crash the service, execute arbitrary o ... oval:org.secpod.oval:def:2849 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to check the CRL properly and a revoked certificate may be accepted as valid. Successful exploitation could allow attackers to spo ... oval:org.secpod.oval:def:2000274 Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange ... oval:org.secpod.oval:def:46880 The host is installed with Apple Mac OS X 10.13.5 , 10.13.4 or before 10.14 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. On successful exploitation, an attacker may be able to intercept bluetooth tr ... oval:org.secpod.oval:def:43639 The host is installed with Apple Mac OS 10.13.1 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:3050 The host is missing an important security update according to, APPLE-SA-2011-03-21-1. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:30961 The host is missing a security update according to Apple advisory, APPLE-SA-2015-09-30-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:30907 The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. Successful exploitation could allow attackers to produce unknown impact. oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:24460 The host is missing a security update according to Apple advisory, APPLE-SA-2015-04-08-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to execute arbitrary code or crash ... oval:org.secpod.oval:def:3514 The host is installed with Apple Mac OS X 10.5.8 or 10.6.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute arbitrary code, crash the service or c ... oval:org.secpod.oval:def:3869 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-29-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:502287 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1700044 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:705016 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ... oval:org.secpod.oval:def:1502207 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204822 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1600892 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:57782 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ... oval:org.secpod.oval:def:54654 The host is missing a security update according to Apple advisory, APPLE-SA-2019-5-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause memory ... oval:org.secpod.oval:def:53540 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memo ... oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... oval:org.secpod.oval:def:53326 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ... oval:org.secpod.oval:def:115530 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114551 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:115435 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1502222 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502220 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114789 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:204798 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:114727 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114614 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1502215 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502217 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204852 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:48684 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted ... oval:org.secpod.oval:def:46333 The host is installed with Apple Mac OS 10.13.5, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:47664 The host is installed with Apple Mac OS before 10.14 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:502332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:603398 Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ... oval:org.secpod.oval:def:115038 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:502286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:1502206 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1800989 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:53328 Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ... oval:org.secpod.oval:def:114497 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114565 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:45915 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an undocumented instructions issue. Successful exploitation allows attackers to execute arbitrary code with ker ... oval:org.secpod.oval:def:1502203 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502204 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502201 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502202 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502205 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:45388 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:1801000 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:1801001 CVE-2018-8897, XSA-260: x86: mishandling of debug exceptions oval:org.secpod.oval:def:1801004 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:45418 The host is missing an important security update for KB4103731 oval:org.secpod.oval:def:45419 The host is missing an important security update for KB4103730 oval:org.secpod.oval:def:45898 The host is installed with Apple Mac OS 10.13.4, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory or ... oval:org.secpod.oval:def:45416 The host is missing an important security update for KB4134651 oval:org.secpod.oval:def:45421 The host is missing an important security update 4103715 oval:org.secpod.oval:def:45422 The host is missing an important security update for KB4103716 oval:org.secpod.oval:def:45543 The host is missing an important security update 4103718 oval:org.secpod.oval:def:45423 The host is missing an important security update for KB4103721 oval:org.secpod.oval:def:45435 The host is missing an important security update for KB4103723 oval:org.secpod.oval:def:45436 The host is missing an important security update for KB4103725 oval:org.secpod.oval:def:45437 The host is missing an important security update 4103726 oval:org.secpod.oval:def:45438 The host is missing an important security update for KB4103727 oval:org.secpod.oval:def:45440 The host is missing an important security update 4103712 oval:org.secpod.oval:def:603396 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ... oval:org.secpod.oval:def:3930 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:39718 The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:5820 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:4688 The host is installed with Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a memory management issue. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4689 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted RAW image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4694 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a bidirectional text string with ellipsis truncation. Successful exploitation could allow remote attackers to crash ... oval:org.secpod.oval:def:4695 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the password-validation functionality in Directory Services. Successful exploitation could allow ... oval:org.secpod.oval:def:4692 The host is installed with Apple Mac OS X 10.6.2 before 10.6.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle a crafted image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4693 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a bidirectional text string with ellipsis truncation. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4698 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PDF document. Successful exploitation could allow remote attackers to execute arbitrary ... oval:org.secpod.oval:def:4699 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted website. Successful exploitation could allow remote attackers to set cookies for a partial IP add ... oval:org.secpod.oval:def:4696 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle errors associated with disabled mobile accounts. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:4697 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font in a PDF document. Successful exploitation could allow remote attackers to execute arbitrary ... oval:org.secpod.oval:def:4690 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted PSD image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4691 The host is installed with Apple Mac OS X 10.6 before 10.6.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle a crafted image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4308 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted jp2 image. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:4309 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted jp2 file. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:4310 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted AVI file. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:4313 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a integer signedness error vulnerability. A flaw is present in the application, which fails to handle a crafted MPEG movie file. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:4314 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted Sorenson movie file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:4311 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:4312 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MPEG movie file. Successful exploitation could allow attackers to execute arbitrary cod ... oval:org.secpod.oval:def:4315 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted FlashPix file. Successful exploitation could allow attackers to execute arbitrary cod ... oval:org.secpod.oval:def:4316 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted GIF file. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:2589 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 or iWork 9.0 through 9.0.5 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to prevent memory corruption. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2588 The host is installed with Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 or iWorks 9.0 through 9.0.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted office document. Successful exploitation could allow attackers to crash the se ... oval:org.secpod.oval:def:4626 The host is installed with Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted xar archive. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4629 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle XML data. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4628 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a maliciously crafted "feed:" URL. Successful exploitation could allow remote attackers to obtain sensitive info ... oval:org.secpod.oval:def:4729 The host is missing a critical security update according to Apple advisory, APPLE-SA-2010-11-10-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:2880 The host is missing an update according to Apple advisory APPLE-SA-2011-06-23-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle malicious input. Successful exploitation could allow attackers to execute arbitrary code, gain sens ... oval:org.secpod.oval:def:4700 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted embedded font in a document. Successful exploitation could allow remote attackers to execute arbitrary code ... oval:org.secpod.oval:def:4707 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to verify the unique identifier of its remote AFP volume. Successful exploitation could allow remote attackers to obtain sensitive ... oval:org.secpod.oval:def:4711 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle an arbitrary certificate issued by a legitimate Certification Authority. Successful exploitation could allow remote attackers to b ... oval:org.secpod.oval:def:4718 The host is installed with Apple Mac OS X 10.5.8, 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted application. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:10725 The host is installed with Apple Mac OS X 10.6.8, 10.7 before 10.7.5 or 10.8 before 10.8.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. |