CVE-2016-7608 – Apple macOS Sierra 10.12.1 - 'IOFireWireFamily' FireWire Port Denial of Service
https://notcve.org/view.php?id=CVE-2016-7608
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOFireWireFamily" component, which allows local users to obtain sensitive information from kernel memory via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "IOFireWireFamily", que permite a usuarios locales obtener información sensible de la memoria del kernel a través de vectores no especificados. • https://www.exploit-db.com/exploits/44235 http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-7577
https://notcve.org/view.php?id=CVE-2016-7577
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "FaceTime" component, which allows remote attackers to trigger memory corruption and obtain audio data from a call that appeared to have ended. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "FaceTime", que permite a atacantes remotos desencadenar corrupción de memoria y obtener datos de audio de una llamada que aparentemente ha terminado. • http://www.securityfocus.com/bid/94429 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-7667
https://notcve.org/view.php?id=CVE-2016-7667
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service via a crafted string. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "CoreText". • https://support.apple.com/HT207422 https://support.apple.com/HT207423 • CWE-20: Improper Input Validation •
CVE-2016-4681
https://notcve.org/view.php?id=CVE-2016-4681
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Core Image" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "Core Image". • http://www.securityfocus.com/bid/94431 https://support.apple.com/HT207275 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-7628
https://notcve.org/view.php?id=CVE-2016-7628
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Assets" component, which allows local users to bypass intended permission restrictions and change a downloaded mobile asset via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Assets", que permite a usuarios locales eludir las restricciones de permiso previstas y cambiar una herramienta para móviles descargada a través de vectores no especificados. • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-264: Permissions, Privileges, and Access Controls •