CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-1794 – Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
https://notcve.org/view.php?id=CVE-2016-1794
The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. El método AppleGraphicsControlClient::checkArguments en AppleGraphicsControl en Apple SO X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o provocar una denegación de servicio (referencia a puntero NULL) a través de una aplicación manipulada. • https://www.exploit-db.com/exploits/39922 http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://packetstormsecurity.com/files/137402/OS-X-AppleMuxControl.kext-NULL-Pointer-Dereference.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://bugs.chromium.org/p/project-zero/issues/detail?id=783 https://support.apple.com/HT206567 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1795
https://notcve.org/view.php?id=CVE-2016-1795
AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. AppleGraphicsPowerManagement en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1815 – Apple OS X IntelAccelerator Out-Of-Bounds Indexing Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1815
IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. IOAcceleratorFamily en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the IntelAccelerator kext. The issue lies in the blit3d_submit_commands function, which fails to properly validate the bounds of a vector. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 http://www.zerodayinitiative.com/advisories/ZDI-16-345 https://support.apple.com/HT206567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1797 – Apple OS X fontd Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2016-1797
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app. Apple Type Services (ATS) en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes eludir las restricciones de política de sandbox destinadas a FontValidator y ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sandbox policy for the fontd process. The issue lies in the failure to properly ensure the FontValidator binary is either excluded from the policy, or is also sandboxed. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 http://www.zerodayinitiative.com/advisories/ZDI-16-360 https://support.apple.com/HT206567 • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1791
https://notcve.org/view.php?id=CVE-2016-1791
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. El subsistema de AMD en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •