CVE-2016-7605
https://notcve.org/view.php?id=CVE-2016-7605
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Bluetooth". • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-476: NULL Pointer Dereference •
CVE-2017-2358
https://notcve.org/view.php?id=CVE-2017-2358
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.3 está afectado. El problema involucra al componente "Graphics Drivers". • http://www.securityfocus.com/bid/95723 http://www.securitytracker.com/id/1037671 https://support.apple.com/HT207483 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2357
https://notcve.org/view.php?id=CVE-2017-2357
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "IOAudioFamily" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.3 está afectado. El problema involucra al componente "IOAudioFamily". • http://www.securityfocus.com/bid/95723 http://www.securitytracker.com/id/1037671 https://support.apple.com/HT207483 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-2361 – Apple macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution / Arbitrary File Read
https://notcve.org/view.php?id=CVE-2017-2361
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Help Viewer" component, which allows XSS attacks via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.3 está afectado. El problema involucra al componente "Help Viewer" que permite ataques de XSS a través de un sito web manipulado. Cross site scripting on macOS HelpViewer leads to arbitrary file execution and arbitrary file read. • https://www.exploit-db.com/exploits/41443 http://www.securityfocus.com/bid/95723 http://www.securitytracker.com/id/1037671 https://bugs.chromium.org/p/project-zero/issues/detail?id=1040 https://support.apple.com/HT207483 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-2353 – Apple macOS 10.12.1 / iOS Kernel - 'IOService::matchPassive' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2353
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.3 está afectado. El problema involucra al componente "Bluetooth". • https://www.exploit-db.com/exploits/41164 http://www.securityfocus.com/bid/95723 http://www.securitytracker.com/id/1037671 https://support.apple.com/HT207483 • CWE-416: Use After Free •