CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7607
https://notcve.org/view.php?id=CVE-2016-7607
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows attackers to obtain sensitive information from kernel memory via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "Kernel", que permite a atacantes obtener información sensible de la memoria del kérnel a través de una aplicación manipulada. • http://www.securityfocus.com/bid/94905 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 https://support.apple.com/HT207487 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7619
https://notcve.org/view.php?id=CVE-2016-7619
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to symlinks. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "libarchive", que permite a usuarios locales escribir archivos arbitrarios a través de vectores relacionados con enlaces simbólicos. • http://www.securityfocus.com/bid/94905 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 https://support.apple.com/HT207487 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4688
https://notcve.org/view.php?id=CVE-2016-4688
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted font. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones anteriores a 10.0.1 está afectado. watchOS en versiones anteriores a 3.1 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra el componente "FontParser". • http://www.securityfocus.com/bid/94572 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207269 https://support.apple.com/HT207270 https://support.apple.com/HT207271 https://support.apple.com/HT207275 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7600
https://notcve.org/view.php?id=CVE-2016-7600
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "OpenPAM" component, which allows local users to obtain sensitive information by leveraging mishandling of failed PAM authentication by a sandboxed app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "OpenPAM" que permite a usuarios locales obtener información sensible aprovechando el manejo incorrecto de una autenticación PAM fallida por una app aislada. • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7596
https://notcve.org/view.php?id=CVE-2016-7596
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Bluetooth". • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •