CVE-2017-7122
https://notcve.org/view.php?id=CVE-2017-7122
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de macOS anteriores a la 10.13. • http://www.securityfocus.com/bid/100993 https://support.apple.com/HT208144 • CWE-20: Improper Input Validation •
CVE-2017-7123
https://notcve.org/view.php?id=CVE-2017-7123
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de macOS anteriores a la 10.13. • http://www.securityfocus.com/bid/100993 https://support.apple.com/HT208144 • CWE-20: Improper Input Validation •
CVE-2017-7121
https://notcve.org/view.php?id=CVE-2017-7121
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de macOS anteriores a la 10.13. • http://www.securityfocus.com/bid/100993 https://support.apple.com/HT208144 • CWE-20: Improper Input Validation •
CVE-2017-7149
https://notcve.org/view.php?id=CVE-2017-7149
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de macOS anteriores a la 10.13 Supplemental Update. • http://www.securityfocus.com/bid/101178 http://www.securitytracker.com/id/1039513 https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79 https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now https://support.apple.com/HT208165 https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password •
CVE-2017-7150
https://notcve.org/view.php?id=CVE-2017-7150
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "Security" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de macOS anteriores a la 10.13 Supplemental Update. • http://www.securityfocus.com/bid/101177 http://www.securitytracker.com/id/1039430 https://support.apple.com/HT208165 • CWE-521: Weak Password Requirements •