CVE-2016-7613
https://notcve.org/view.php?id=CVE-2016-7613
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling during process spawning. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones anteriores a 10.0.1 está afectado. watchOS en versiones anteriores a 3.1 está afectado. El problema involucra al componente "Kernel". • http://www.securityfocus.com/bid/94116 https://support.apple.com/HT207269 https://support.apple.com/HT207270 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-7622
https://notcve.org/view.php?id=CVE-2016-7622
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Grapher" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .gcx file. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Grapher". • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-7742
https://notcve.org/view.php?id=CVE-2016-7742
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "xar" component, which allows remote attackers to execute arbitrary code via a crafted archive that triggers use of uninitialized memory locations. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "xar", que permite a atacantes remotos ejecutar código arbitrario a través de un archivo manipulado que desencadena el uso de ubicaciones de memoria no inicializadas. • https://support.apple.com/HT207423 • CWE-20: Improper Input Validation •
CVE-2016-4683
https://notcve.org/view.php?id=CVE-2016-4683
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted SGI file. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "ImageIO". • http://www.securityfocus.com/bid/94431 https://support.apple.com/HT207275 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-7714 – Apple OS X IOReportUserClient Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-7714
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "IOKit". • https://support.apple.com/HT207422 https://support.apple.com/HT207423 https://support.apple.com/HT207487 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •