- Iatkos Ml2 Os X Mountain Lion 10.8.2 Indir
- Os X Mountain Lion Download
- Os X 10.7 Lion Download
- Os X Lion 10.7 Free Download
- Os X Mountain Lion 10.8 Download
This document describes the security content of OS X Mountain Lion v10.8.2, OS X Lion v10.7.5, and Security Update 2012-004.
A Hackintosh-compatible computer with 10 GB+ of free space: This is the computer where you will install OS X Mountain Lion. It can be the same computer as the one mentioned in the previous point. If your computer already has Mac OS X Lion installed, iAtkos will just update Lion to Mountain Lion normally, without deleting any of your apps or files. Sep 07, 2012 OS X 10.8.2 is the second incremental update lined up for users of Apple’s Mountain Lion operating system. Developers can download the new beta (build 12C43) over at Apple’s Mac Dev Center. Developers can download the new beta (build 12C43) over at Apple’s Mac Dev Center.
The current version of the Mac OS X Mountain Lion Golden Master 10.8 Final Build has been released and we have gathered all the direct download links for our readers. This final build is the most recommended and stable version of the Macc OS X Mountain Lion. Beside this you can also download the older version like OS X Mountain Lion 10.8.5. Sep 07, 2012 Mountain Lion developers are being handed a new build of the 10.8.2 beta this week, along with instructions to focus their testing efforts on Power Nap, an exclusive feature introduced with Mountain Lion this year. OS X Mountain Lion 10.8.2 Build 12C43 contains no known issues and surprisingly weighs in at 680MB for the both Delta and the Combo. The OS X v10.8.2 Supplemental Update is recommended for all users running OS X Mountain Lion v10.8.2 and includes the following fixes: Resolves an issue that may cause certain Japanese characters.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see 'How to use the Apple Product Security PGP Key.'
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
Iatkos Ml2 Os X Mountain Lion 10.8.2 Indir
To learn about other Security Updates, see 'Apple Security Updates'.
OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004
Note: OS X Mountain Lion v10.8.2 includes the content of Safari 6.0.1. For further details see About the security content of Safari 6.0.1.
Apache
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Multiple vulnerabilities in Apache
Description: Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3368
CVE-2011-3607
CVE-2011-4317
CVE-2012-0021
CVE-2012-0031
CVE-2012-0053
BIND
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: A remote attacker may be able to cause a denial of service in systems configured to run BIND as a DNS nameserver
Description: A reachable assertion issue existed in the handling of DNS records. This issue was addressed by updating to BIND 9.7.6-P1. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-4313
BIND
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1
Impact: A remote attacker may be able to cause a denial of service, data corruption, or obtain sensitive information from process memory in systems configured to run BIND as a DNS nameserver
Description: A memory management issue existed in the handling of DNS records. This issue was addressed by updating to BIND 9.7.6-P1 on OS X Lion systems, and BIND 9.8.3-P1 on OS X Mountain Lion systems.
CVE-ID
CVE-2012-1667
CoreText
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Applications that use CoreText may be vulnerable to an unexpected application termination or arbitrary code execution
Description: A bounds checking issue existed in the handling of text glyphs, which may lead to out of bounds memory reads or writes. This issue was addressed through improved bounds checking. This issue does not affect Mac OS X v10.6 or OS X Mountain Lion systems.
CVE-ID
CVE-2012-3716 : Jesse Ruderman of Mozilla Corporation
Data Security
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1
Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information
Description: TrustWave, a trusted root CA, has issued, and subsequently revoked, a sub-CA certificate from one of its trusted anchors. This sub-CA facilitated the interception of communications secured by Transport Layer Security (TLS). This update adds the involved sub-CA certificate to OS X's list of untrusted certificates.
DirectoryService
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: If the DirectoryService Proxy is used, a remote attacker may cause a denial of service or arbitrary code execution
Description: A buffer overflow existed in the DirectoryService Proxy. This issue was addressed through improved bounds checking. This issue does not affect OS X Lion and Mountain Lion systems.
CVE-ID
CVE-2012-0650 : aazubel working with HP's Zero Day Initiative
ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. These issues do not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3026 : Jüri Aedla
CVE-2011-3048
ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day Initiative
Installer
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Remote admins and persons with physical access to the system may obtain account information
Description: The fix for CVE-2012-0652 in OS X Lion 10.7.4 prevented user passwords from being recorded in the system log, but did not remove the old log entries. This issue was addressed by deleting log files that contained passwords. This issue does not affect Mac OS X 10.6 or OS X Mountain Lion systems.
CVE-ID
CVE-2012-0652
International Components for Unicode
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution
Description: A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-4599
Kernel
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. This issue was addressed by disabling handling of addresses in PT_STEP and PT_CONTINUE. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0643 : iOS Jailbreak Dream Team
LoginWindow
Available for: OS X Mountain Lion v10.8 and v10.8.1
Impact: A local user may be able to obtain other user's login passwords
Description: A user-installed input method could intercept password keystrokes from Login Window or Screen Saver Unlock. This issue was addressed by preventing user-installed methods from being used when the system is handling login information.
CVE-ID
CVE-2012-3718: Lukhnos Liu
Mail
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing an e-mail message may lead to execution of web plugins
Description: An input validation error existed in Mail's handling of embedded web plugins. This issue was addressed by disabling third-party plug-ins in Mail. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3719 : Will Dormann of the CERT/CC
Mobile Accounts
Available for: OS X Mountain Lion v10.8 and v10.8.1
Impact: A user with access to the contents of a mobile account may obtain the account password
Description: Creating a mobile account saved a hash of the password in the account, which was used to login when the mobile account was used as an external account. The password hash could be used to determine the user's password. This issue was addressed by creating the password hash only if external accounts are enabled on the system where the mobile account is created.
CVE-ID
CVE-2012-3720 : Harald Wagener of Google, Inc.
PHP
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1
Impact: Multiple vulnerabilities in PHP
Description: >PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at http://www.php.net
CVE-ID
CVE-2012-0831
CVE-2012-1172
CVE-2012-1823
CVE-2012-2143
CVE-2012-2311
CVE-2012-2386
May 17, 2017 SQLPro for Postgres 是一款Mac上优秀的Postgres数据库客户端,可用于可视化管理Postgres数据库,很不错! 软件介绍. SQLPro for Postgres is an advanced but lightweight Postgres database-management studio. It allows quick and simple access to Postgres SQL servers, with advanced time-saving features. Features Syntax. Sqlpro studio. SQLPro Studio is the premium database management tool for Postgres, MySQL, Microsoft Management Studio and Oracle databases. Some of the great features include: Intellisense/SQL autocompletion. May 08, 2017 SQLPro for Postgres 1.0.107 – Database management studio for Postgres. May 8, 2017 SQLPro for Postgres is an advanced but lightweight Postgres database-management studio. It allows quick and simple access to Postgres SQL servers, with advanced time-saving features. SQLPro Studio 1.0.107 (Full + Crack) SQLPro Studio 1.0.107 SQLPro Studio is the premium database management tool for Postgres, MySQL, Microsoft Management Studio and Oracle databases. SQLPro for Postgres 1.0.107 – Database management studio for Postgres. SQLPro for Postgres is an advanced but lightweight Postgres database-management studio. It allows quick and simple access to Postgres SQL servers, with advanced time-saving features.
CVE-2012-2688
PHP
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: PHP scripts which use libpng may be vulnerable to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of PNG files. This issue was addressed by updating PHP's copy of libpng to version 1.5.10. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3048
Os X Mountain Lion Download
Profile Manager
Available for: OS X Lion Server v10.7 to v10.7.4
Impact: An unauthenticated user could enumerate managed devices
Description: An authentication issue existed in the Device Management private interface. This issue was addressed by removing the interface.
This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3721 : Derick Cassidy of XEquals Corporation
QuickLook
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted .pict file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of .pict files. This issue was addressed through improved validation of .pict files. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0671 : Rodrigo Rubira Branco (twitter.com/bsdaemon) from the Qualys Vulnerability & Malware Research Labs (VMRL)
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow existed in QuickTime's handling of sean atoms. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft) working with HP's Zero Day Initiative
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3722 : Will Dormann of the CERT/CC
Os X 10.7 Lion Download
QuickTime
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of RLE encoded movie files. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
Itunes 1.3 download windows. CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative
Os X Lion 10.7 Free Download
Ruby
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. The Ruby OpenSSL module disabled the 'empty fragment' countermeasure which prevented these attacks. This issue was addressed by enabling empty fragments. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-3389
Os X Mountain Lion 10.8 Download
USB
Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Attaching a USB device may lead to an unexpected system termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of USB hub descriptors. This issue was addressed through improved handling of the bNbrPorts descriptor field. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3723 : Andy Davis of NGS Secure