CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2017-2533 – Apple macOS diskarbitrationd Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2533
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • https://www.exploit-db.com/exploits/42146 http://www.securitytracker.com/id/1038484 http://www.zerodayinitiative.com/advisories/ZDI-17-357 https://phoenhex.re/2017-06-09/pwn2own-diskarbitrationd-privesc https://support.apple.com/HT207797 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2535 – Apple macOS authd Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2535
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Security" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (resource consumption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2537 – Apple macOS WindowServer Dragging Space Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2537
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2542 – Apple macOS AppleMultitouchDevice Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-2542
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2543 – Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2543
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •