CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4640 – Apple OS X WindowServer _XRegisterCursorWithData Memory Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-4640
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app. Login Window en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes ejecutar código arbitrario en un contexto privilegiado, obtener información sensible de usuario, o provocar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CoreGraphics module. The issue lies in the failure to properly validate user-supplied data which can result in a memory corruption condition. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://www.securityfocus.com/bid/91824 http://www.securitytracker.com/id/1036348 http://zerodayinitiative.com/advisories/ZDI-16-435 https://support.apple.com/HT206903 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4621
https://notcve.org/view.php?id=CVE-2016-4621
libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. libc++abi en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o provocar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://www.securityfocus.com/bid/91824 http://www.securitytracker.com/id/1036348 https://support.apple.com/HT206903 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 1CVE-2016-4629
https://notcve.org/view.php?id=CVE-2016-4629
ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted xStride and yStride values in an EXR image. ImageIO en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de valores xStride e yStride manipulados en una imagen EXR. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://www.securityfocus.com/bid/91824 http://www.securitytracker.com/id/1036348 http://www.talosintelligence.com/reports/TALOS-2016-0180 https://github.com/openexr/openexr/issues/563 https://support.apple.com/HT206903 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 1CVE-2016-4630
https://notcve.org/view.php?id=CVE-2016-4630
ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression. ImageIO en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de una imagen EXR manipulada con compresión B44. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://www.securityfocus.com/bid/91824 http://www.securitytracker.com/id/1036348 http://www.talosintelligence.com/reports/TALOS-2016-0181 https://github.com/openexr/openexr/issues/563 https://support.apple.com/HT206903 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4648 – Apple OS X DspFuncLib Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-4648
Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. Audio en Apple OS X en versiones anteriores a 10.11.6 permite a usuarios locales obtener información sensible de la estructura de memoria del kernel o provocar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the DspFuncLib extension. The issue lies in the failure to properly handle error conditions leading to a dangling pointer being reused after it has been freed. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://www.securityfocus.com/bid/91824 http://www.securitytracker.com/id/1036348 http://www.zerodayinitiative.com/advisories/ZDI-16-496 https://support.apple.com/HT206903 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •