CVSS: 8.8EPSS: 2%CPEs: 4EXPL: 1CVE-2017-7047 – Apple macOS/iOS - 'xpc_data' Objects Sandbox Escape Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-7047
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.3 se ve afectado. MacOS versión anterior a 10.12.6 se ve afectado. • https://www.exploit-db.com/exploits/42407 http://www.securityfocus.com/bid/99883 http://www.securitytracker.com/id/1038950 https://support.apple.com/HT207922 https://support.apple.com/HT207923 https://support.apple.com/HT207924 https://support.apple.com/HT207925 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 1CVE-2017-6998 – Apple iOS < 10.3.1 - Kernel
https://notcve.org/view.php?id=CVE-2017-6998
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. TVOS versión anterior a 10.2.1 se ve afectado. • https://www.exploit-db.com/exploits/42555 http://www.securityfocus.com/bid/98571 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 1CVE-2017-6994 – Apple iOS < 10.3.1 - Kernel
https://notcve.org/view.php?id=CVE-2017-6994
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. TVOS versión anterior a 10.2.1 se ve afectado. • https://www.exploit-db.com/exploits/42555 http://www.securityfocus.com/bid/98571 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 4EXPL: 1CVE-2017-2523 – Apple macOS/iOS - NSUnarchiver Heap Corruption Due to Lack of Bounds Checking in [NSBuiltinCharacterSet initWithCoder:]
https://notcve.org/view.php?id=CVE-2017-2523
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.12.5 se vea afectado. tvOS anterior a la versión la 10.2.1 se ve afectado. watchOS anterior a la versión 3.2.2 se ve afectado. El problema involucra el componente “Foundation”. • https://www.exploit-db.com/exploits/42050 http://www.securityfocus.com/bid/98584 https://support.apple.com/HT207797 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 1CVE-2017-6995 – Apple iOS < 10.3.1 - Kernel
https://notcve.org/view.php?id=CVE-2017-6995
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. TVOS versión anterior a 10.2.1 se ve afectado. • https://www.exploit-db.com/exploits/42555 http://www.securityfocus.com/bid/98571 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •