CVE-2017-7171 – Apple iOS backboardd Untrusted Pointer Dereference Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-7171
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CoreAnimation" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.2, las versiones de macOS anteriores a la 10.13.2, las versiones de tvOS anteriores a la 11.2 y las versiones de watchOS anteriores a la 4.2 se han visto afectadas. • https://support.apple.com/HT208325 https://support.apple.com/HT208327 https://support.apple.com/HT208331 https://support.apple.com/HT208334 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4097
https://notcve.org/view.php?id=CVE-2018-4097
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.3 se han visto afectadas. • http://www.securityfocus.com/bid/102785 http://www.securitytracker.com/id/1040267 https://support.apple.com/HT208465 • CWE-20: Improper Input Validation •
CVE-2018-4084
https://notcve.org/view.php?id=CVE-2018-4084
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Wi-Fi" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.3 se han visto afectadas. • http://www.securityfocus.com/bid/102785 http://www.securitytracker.com/id/1040267 https://support.apple.com/HT208465 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-4091
https://notcve.org/view.php?id=CVE-2018-4091
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Sandbox" component. It allows bypass of a sandbox protection mechanism. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.3 se han visto afectadas. • http://www.securityfocus.com/bid/102785 http://www.securitytracker.com/id/1040267 https://support.apple.com/HT208465 •
CVE-2018-4098
https://notcve.org/view.php?id=CVE-2018-4098
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.3 se han visto afectadas. • http://www.securityfocus.com/bid/102785 http://www.securitytracker.com/id/1040267 https://support.apple.com/HT208465 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •