CVE-2017-2509 – Apple macOS - '32-bit syscall exit' Kernel Register Leak
https://notcve.org/view.php?id=CVE-2017-2509
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Se detectó un problema en ciertos productos de Apple. macOS anterior a versión 10.12.5 está afectado. El problema implica el componente "Kernel". • https://www.exploit-db.com/exploits/42046 http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 •
CVE-2017-2516 – Apple macOS - 'stackshot' Raw Frame Pointers
https://notcve.org/view.php?id=CVE-2017-2516
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • https://www.exploit-db.com/exploits/42047 http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 •
CVE-2017-2533 – Apple macOS diskarbitrationd Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2533
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • https://www.exploit-db.com/exploits/42146 http://www.securitytracker.com/id/1038484 http://www.zerodayinitiative.com/advisories/ZDI-17-357 https://phoenhex.re/2017-06-09/pwn2own-diskarbitrationd-privesc https://support.apple.com/HT207797 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2017-2494
https://notcve.org/view.php?id=CVE-2017-2494
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. macOS anterior a versión 10.12.5 está afectado. El problema implica el componente "Kernel". • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2537 – Apple macOS WindowServer Dragging Space Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2537
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •