Apple released a security update for OS X 10.7 (Lion), OS X 10.8 (Mountain Lion), and OS X 10.9 (Mavericks) mitigating over a dozen bugs in the operating system, some shared with the iOS mobile operating system.
Security researcher Antoine Delignat-Lavaud of Prosecco at Inria Paris informed Apple of a CFNetwork HTTPProtocol flaw where an attacker in a privileged network position could obtain web site credentials.
According to the description, “Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie.”
Apple addressed this flaw by instructing CFNetwork HTTPProtocol to ignore incomplete HTTP header lines. The practical consequence of the bug is that a cookie accepted without its Secure attribute is later sent over plain HTTP, where the same network attacker can read it. The same issue was patched in iOS 7 with the release of iOS 7.1.1.
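The truncation described above can be reproduced with a small, deliberately simplified HTTP response-header parser. This is an added illustration written for this article, not CFNetwork code or anything released by Apple; the response bytes, the cookie name and value, and the `ignore_incomplete` switch are all constructed for the example. With the switch off, the parser behaves like the pre-patch client and accepts a `Set-Cookie` line that was cut off before `Secure` arrived; with it on, the unterminated line is dropped, which is the behaviour Apple's fix describes.

```python
"""Added example: how a connection closed mid-header strips cookie attributes.

The parser is a toy written for this article (not CFNetwork). The sample
response below is constructed for the demonstration.
"""

# Constructed sample: a server sets a session cookie with Secure and HttpOnly.
FULL_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"Set-Cookie: session=8f3a9c; Path=/; Secure; HttpOnly\r\n"
    b"\r\n"
)

# What the client sees if an on-path attacker closes the TCP connection
# just before the security attributes are transmitted (no CRLF follows).
TRUNCATED_RESPONSE = FULL_RESPONSE[:FULL_RESPONSE.index(b"; Secure")]


def parse_set_cookie(value: str):
    """Split a Set-Cookie value into (name, value, lower-cased attribute set)."""
    parts = [p.strip() for p in value.split(";")]
    name, _, val = parts[0].partition("=")
    attrs = {p.lower() for p in parts[1:] if p}
    return name.strip(), val.strip(), attrs


def parse_headers(raw: bytes, ignore_incomplete: bool):
    """Return [(lower-cased name, value), ...] from a possibly truncated response.

    ignore_incomplete=False models the vulnerable behaviour: the final line is
    processed even though no CRLF terminated it.
    ignore_incomplete=True models the fix: a line without CRLF is discarded.
    """
    head, sep, _ = raw.partition(b"\r\n\r\n")
    header_block_complete = sep == b"\r\n\r\n"
    lines = head.split(b"\r\n")
    header_lines = lines[1:]  # lines[0] is the status line
    if not header_block_complete and ignore_incomplete:
        # The last fragment has no terminating CRLF: the connection closed mid-line.
        header_lines = header_lines[:-1]
    headers = []
    for line in header_lines:
        if not line:
            continue
        name, _, value = line.decode("latin-1").partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def cookies_from_response(raw: bytes, ignore_incomplete: bool):
    """Build a cookie jar {name: (value, attrs)} from the response's Set-Cookie headers."""
    jar = {}
    for name, value in parse_headers(raw, ignore_incomplete):
        if name == "set-cookie":
            cname, cval, attrs = parse_set_cookie(value)
            jar[cname] = (cval, attrs)
    return jar


def sent_over_plain_http(jar, cookie_name: str) -> bool:
    """A cookie without the Secure attribute is eligible for http:// requests."""
    if cookie_name not in jar:
        return False
    return "secure" not in jar[cookie_name][1]


if __name__ == "__main__":
    vulnerable = cookies_from_response(TRUNCATED_RESPONSE, ignore_incomplete=False)
    fixed = cookies_from_response(TRUNCATED_RESPONSE, ignore_incomplete=True)
    print("pre-patch jar :", vulnerable, "-> leaks over http:", sent_over_plain_http(vulnerable, "session"))
    print("patched jar   :", fixed, "-> leaks over http:", sent_over_plain_http(fixed, "session"))
```

Note that the attack does not require breaking TLS: the attacker only needs to terminate the connection at the right byte offset, which an on-path adversary can do by resetting or dropping the TCP stream. Ignoring the unterminated line is the correct fix because there is no way for the client to know what attributes the missing tail would have carried.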
Lukasz Pilorz of runic.pl and Erik Kooistra reported a format string issue in CoreServicesUIAgent's handling of URLs. “This issue was addressed through additional validation of URLs,” Apple said. Mavericks is the only OS X release affected; iOS 7.1.1 patches the same bug for users of iPhones, iPod touch players, and iPads.
There is also a FontParser vulnerability. Impacting only Mountain Lion computers, the bug (once exploited) could lead to unexpected application termination or arbitrary code execution by opening a maliciously crafted PDF file.
The problem stemmed from a buffer underflow in the handling of fonts in PDF files. Apple patched the bug through additional bounds checking after learning of its existence from Will Dormann of CERT/CC.
Power Management on OS X Mavericks 10.9.2 suffered from a vulnerability that could leave the screen unlocked after the lid was closed.
Apple responded by saying, “If a key was pressed or the trackpad touched just after the lid was closed, the system might have tried to wake up while going to sleep, which would have caused the screen to be unlocked. This issue was addressed by ignoring keypresses while going to sleep. This issue does not affect systems prior to OS X Mavericks.”