Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » Apple 2015-004

Overview

Id Apple 2015-004
Name Apple 2015-004 Security Update for Mac OS X 10.8.5 (HT204659)
Vendor Name apple
Product OSX
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 08 Apr 2015 12:00:00

Apple 2015-004

Apple 2015-004 Security Update for Mac OS X 10.8.5 (HT204659)

Vendor Name

apple

Product

OSX

Released On

08 Apr 2015 12:00:00

Url

http://support.apple.com/kb/HT204659

Description

OS X Mountain Lion (version 10.8) is the ninth major release of OS X, Apple Inc.'s desktop and server operating system for Macintosh computers.

Security Update 2015-004 addresses the following security issues:

  • CVE-2013-0118, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523: Multiple vulnerabilities in Apache
  • CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, CVE-2015-1135, CVE-2015-1140, CVE-2015-1143, CVE-2015-1144: A local user may be able to execute arbitrary code with system privileges
  • Update to the certificate trust policy
  • CVE-2015-1136: Visiting a maliciously crafted website may lead to arbitrary code execution
  • CVE-2015-1093: Processing a maliciously crafted font file may lead to arbitrary code execution
  • CVE-2015-1139: Processing a maliciously crafted .sgi file may lead to arbitrary code execution
  • CVE-2014-4404, CVE-2014-4405: A malicious application may be able to execute arbitrary code with system privileges
  • CVE-2014-4380: A user may be able to execute arbitrary code with system privileges
  • CVE-2015-1099: A local user may be able to cause a system denial of service
  • CVE-2015-1117: A local application may escalate privileges using a compromised service intended to run with reduced privileges
  • CVE-2015-1100: A local user may be able to cause unexpected system termination or read kernel memory
  • CVE-2015-1104: A remote attacker may be able to bypass network filters
  • CVE-2015-1101: A local user may be able to execute arbitrary code with kernel privileges
  • CVE-2015-1545, CVE-2015-1546: A remote unauthenticated client may be able to cause a denial of service
  • CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204: Multiple vulnerabilities in OpenSSL
  • CVE-2013-6712, CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-2497, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3538, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-3981, CVE-2014-4049, CVE-2014-4670, CVE-2014-4698, CVE-2014-5120: Multiple vulnerabilities in PHP
  • CVE-2015-1098: Opening a maliciously crafted iWork file may lead to arbitrary code execution
  • CVE-2014-8830: Viewing a maliciously crafted Collada file may lead to arbitrary code execution
  • CVE-2015-1145, CVE-2015-1146: Tampered applications may not be prevented from launching

  • Related Resources

    Related Vulnerabilities

    CVE-2013-0118   CVE-2013-5704   CVE-2013-6438   CVE-2013-6712   CVE-2014-0098   CVE-2014-0117   CVE-2014-0118   CVE-2014-0207   CVE-2014-0226   CVE-2014-0231   CVE-2014-0237   CVE-2014-0238   CVE-2014-2497   CVE-2014-3478   CVE-2014-3479   CVE-2014-3480   CVE-2014-3487   CVE-2014-3523   CVE-2014-3538   CVE-2014-3569   CVE-2014-3570   CVE-2014-3571   CVE-2014-3572   CVE-2014-3587   CVE-2014-3597   CVE-2014-3668   CVE-2014-3669   CVE-2014-3670   CVE-2014-3710   CVE-2014-3981   CVE-2014-4049   CVE-2014-4380   CVE-2014-4404   CVE-2014-4405   CVE-2014-4670   CVE-2014-4698   CVE-2014-5120   CVE-2014-8275   CVE-2014-8830   CVE-2015-0204   CVE-2015-1093   CVE-2015-1098   CVE-2015-1099   CVE-2015-1100   CVE-2015-1101   CVE-2015-1104   CVE-2015-1117   CVE-2015-1131   CVE-2015-1132   CVE-2015-1133   CVE-2015-1134   CVE-2015-1135   CVE-2015-1136   CVE-2015-1139   CVE-2015-1140   CVE-2015-1143   CVE-2015-1144   CVE-2015-1145   CVE-2015-1146   CVE-2015-1545   CVE-2015-1546  

    Related Patches

    Superseded Patches


    Last Updated: 27 May 2016 11:21:10